myhottersearachbox

#1 Hi

Bin neu im Forum. Habe eine Frage: Ist "my hottersearchbox.com" ein Virus oder Trojaner ? Oder eine Google-Website ???

Sollte es ein Virus und Co. sein, bitte ganz einfach-verständliche Anleitungen zur Entfernung geben, da ich ein bloody beginner bin.

Danke
mycomputer

#2 ja spyware ist das, arbeite folgende anleitung ab:
http://board.protecus.de/t23187.htm
logs posten

#3 Hi

Wie kann ich den Logreport von Combofix in meinen thread hineinkopieren ?

Danke
mycomputer

#4 einfach die texte markieren, kopieren, dann auf neue antwort klicken und einfügen.

#5 Leider lassen sich die logs von Malwarebytes und ComboFix NICHT markieren.
Das ist ja das Problem.....

mycomputer

#6 dass sollten sie aber, einfach öffnen dann strg+a drücken alles ist markiert, dann strg+c drücken, kopiert.
dann hier auf neue antwort klicken und strg+v drücken und eingefügt

#7 Also ein logfile von Malwarebyes-Anti-Malware hätte ich.
Wurde zuerst zu Spyware-Doctor weitergeleitet. Deswegen klappte es nicht.
Werde jetz versuchen das ComboFix logfile hier zu posten.

mMalwarebytes' Anti-Malware 1.37
Datenbank Version: 2207
Windows 6.0.6001 Service Pack 1

01.06.2009 18:56:37
mbam-log-2009-06-01.txt

Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|)
Durchsuchte Objekte: 197045
Laufzeit: 1 hour(s), 14 minute(s), 41 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> No action taken.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\wxfw.dll (Adware.Hotbar) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


computer

#8 hallo, die funde hast du gelöscht?
du kannst combofix.txt auch einfach als datei anhängen

#9 So, hat endlich geklappt

mycomputer

ComboFix 09-05-31.06 - Silvia 01.06.2009 19:58.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.43.1031.18.3327.1919 [GMT 2:00]
ausgeführt von:: c:\users\Silvia\Desktop\cf.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
/wow section - STAGE 41


(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\100% Free Spades Toolbar\v3.3.0.1\100%_Free_Spades_Toolbar.dll
c:\users\Silvia\AppData\Local\Temp\cmd.execf
c:\users\Silvia\AppData\Roaming\.#
c:\windows\100%_Free_Spades_Toolbar_Uninstaller_1791.exe
c:\windows\TEMP\logishrd\LVPrcInj02.dll

.
((((((((((((((((((((((( Dateien erstellt von 2009-05-01 bis 2009-06-01 ))))))))))))))))))))))))))))))
.

2009-06-01 17:32 . 2009-06-01 17:32 -------- d-----w- c:\program files\RegCure
2009-06-01 17:06 . 2009-06-01 17:09 -------- d-----w- C:\SDFix
2009-06-01 15:24 . 2009-06-01 15:26 3371383 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-06-01 15:24 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-01 15:24 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-01 15:24 . 2009-06-01 15:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-01 13:55 . 2009-06-01 13:56 -------- d-----w- c:\program files\The Weather Channel FW
2009-06-01 13:50 . 2009-06-01 13:50 -------- d-----w- c:\users\Silvia\AppData\Roaming\Sammsoft
2009-06-01 13:49 . 2009-06-01 14:02 -------- d-----w- c:\program files\Advanced Registry Optimizer
2009-06-01 13:48 . 2009-06-01 13:55 -------- d-----w- c:\users\Silvia\AppData\Local\The Weather Channel
2009-05-31 18:04 . 2009-05-13 06:23 750 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090531.003\hub.scr
2009-05-31 18:04 . 2009-05-13 06:23 89104 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090531.003\NAVENG.SYS
2009-05-31 18:04 . 2009-05-13 06:23 876144 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090531.003\NAVEX15.SYS
2009-05-31 18:04 . 2009-05-13 06:23 371248 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090531.003\EECTRL.SYS
2009-05-31 18:04 . 2009-05-13 06:23 259368 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090531.003\ECMSVR32.DLL
2009-05-31 18:04 . 2009-05-13 06:23 2414128 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090531.003\CCERASER.DLL
2009-05-31 18:04 . 2009-05-13 06:23 177520 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090531.003\NAVENG32.DLL
2009-05-31 18:04 . 2009-05-13 06:23 1181040 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090531.003\NAVEX32A.DLL
2009-05-31 18:04 . 2009-05-13 06:23 101936 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20090531.003\ERASER.SYS
2009-05-31 17:53 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-31 17:53 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-05-31 17:53 . 2009-05-31 17:53 -------- d-----w- c:\programdata\Avira
2009-05-31 17:53 . 2009-05-31 17:53 -------- d-----w- c:\program files\Avira
2009-05-31 09:24 . 2009-05-31 09:24 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-05-31 09:24 . 2009-05-31 17:55 -------- d-----w- c:\program files\Norton Security Scan
2009-05-30 19:36 . 2009-05-30 19:36 -------- d-----w- C:\rsit
2009-05-30 18:38 . 2009-05-30 18:38 368640 ----a-w- c:\programdata\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_de_EAA4EFE40616FD3C.dll
2009-05-30 18:08 . 2009-05-30 18:08 -------- d-----w- c:\windows\system32\Adobe
2009-05-27 17:15 . 2009-05-27 17:15 -------- d-----w- c:\program files\Common Files\Logitech
2009-05-27 17:15 . 2009-05-27 17:15 -------- d-----w- c:\users\Silvia\AppData\Local\Downloaded Installations
2009-05-26 10:41 . 2007-11-17 21:22 3636 ----a-w- c:\windows\system32\drivers\nvphy.bin
2009-05-20 10:25 . 2009-05-20 10:25 -------- d-----w- c:\program files\Trend Micro
2009-05-20 10:14 . 2009-05-20 10:14 -------- d-----w- c:\program files\Navilog1
2009-05-20 09:57 . 2008-12-11 06:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-05-20 09:57 . 2009-04-03 09:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-05-20 09:57 . 2008-12-18 10:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-05-20 09:57 . 2009-05-20 10:00 -------- d-----w- c:\program files\Common Files\PC Tools
2009-05-20 09:57 . 2008-12-10 09:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-05-20 09:56 . 2009-06-01 08:15 -------- d-----w- c:\program files\Spyware Doctor
2009-05-20 09:56 . 2009-05-20 09:56 -------- d-----w- c:\users\Silvia\AppData\Roaming\PC Tools
2009-05-20 09:56 . 2009-05-20 09:56 -------- d-----w- c:\programdata\PC Tools
2009-05-20 06:42 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-20 06:42 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-05-20 06:42 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-05-20 06:42 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-05-20 06:42 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-05-20 06:42 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-05-20 06:42 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-05-20 06:37 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-05-20 06:37 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-05-20 06:37 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-05-20 06:37 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-05-20 06:37 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-05-19 20:16 . 2009-05-19 20:16 -------- d-----w- c:\users\Silvia\AppData\Roaming\Malwarebytes
2009-05-19 20:16 . 2009-05-19 20:16 -------- d-----w- c:\programdata\Malwarebytes
2009-05-19 19:46 . 2009-05-19 19:47 -------- d-----w- c:\program files\AGEIA Technologies
2009-05-19 19:46 . 2009-05-19 19:46 -------- d-----w- c:\windows\system32\AGEIA
2009-05-19 19:46 . 2009-05-19 19:46 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-05-19 19:45 . 2009-05-19 19:45 -------- d-----w- C:\NVIDIA
2009-05-19 19:20 . 2009-05-19 19:20 -------- d-----w- c:\program files\SystemRequirementsLab
2009-05-19 19:11 . 2009-05-19 19:11 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-05-19 13:31 . 2009-05-19 17:43 -------- d-----w- c:\programdata\NOS
2009-05-19 13:31 . 2009-05-19 17:43 -------- d-----w- c:\program files\NOS
2009-05-18 14:07 . 2009-05-18 14:07 -------- d-----w- c:\program files\Yahtzee
2009-05-18 14:07 . 2009-05-18 14:07 -------- d-----w- c:\users\Silvia\AppData\Roaming\SpinTop
2009-05-18 13:59 . 2009-05-18 13:59 -------- d-----w- c:\program files\ReflexiveArcade
2009-05-14 21:03 . 2009-05-14 21:03 805888 ----a-w- c:\users\Silvia\AppData\Roaming\Techno Design IP\LiveSearch Notification.exe
2009-05-14 21:03 . 2009-05-14 21:03 -------- d-----w- c:\users\Silvia\AppData\Roaming\Techno Design IP
2009-05-13 18:10 . 2009-05-13 18:10 -------- d-----w- c:\programdata\Zylom
2009-05-13 18:08 . 2009-03-25 09:42 114688 ----a-w- c:\users\Silvia\AppData\Roaming\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
2009-05-13 18:08 . 2009-05-13 18:10 -------- d-----w- c:\users\Silvia\AppData\Roaming\Zylom
2009-05-13 18:08 . 2006-09-26 11:03 161976 ----a-w- c:\users\Silvia\AppData\Roaming\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll
2009-05-13 18:08 . 2009-05-30 19:10 -------- d-----w- c:\users\Silvia\AppData\Local\Zylom Games
2009-05-06 19:56 . 2009-05-31 18:09 -------- d-----w- c:\users\Silvia\AppData\Local\Google
2009-05-06 19:49 . 2009-05-31 09:17 -------- d-----w- c:\program files\Google

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-01 14:22 . 2008-04-09 09:14 618204 ----a-w- c:\windows\system32\perfh007.dat
2009-06-01 14:22 . 2008-04-09 09:14 122636 ----a-w- c:\windows\system32\perfc007.dat
2009-05-07 20:10 . 2009-04-23 17:37 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-05-07 20:10 . 2009-04-23 17:37 -------- d-----w- c:\program files\DVDVideoSoft
2009-04-30 22:08 . 2009-04-30 22:08 1505824 ----a-w- c:\windows\system32\nvcpluir.dll
2009-04-30 22:08 . 2009-04-30 22:08 1194528 ----a-w- c:\windows\system32\nvcplui.exe
2009-04-30 22:08 . 2009-04-30 22:08 1358368 ----a-w- c:\windows\system32\nvsvsr.dll
2009-04-30 22:08 . 2009-04-30 22:08 1292832 ----a-w- c:\windows\system32\nvsvs.dll
2009-04-30 20:02 . 2009-04-30 20:02 9850016 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2009-04-30 20:02 . 2009-04-30 20:02 663552 ----a-w- c:\windows\system32\nvcuvid.dll
2009-04-30 20:02 . 2009-04-30 20:02 457248 ----a-w- c:\windows\system32\nvudisp.exe
2009-04-30 20:02 . 2009-04-30 20:02 4224 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2009-04-30 20:02 . 2009-04-30 20:02 3128320 ----a-w- c:\windows\system32\nvwgf2um.dll
2009-04-30 20:02 . 2009-04-30 20:02 1704960 ----a-w- c:\windows\system32\nvcuda.dll
2009-04-30 20:02 . 2009-04-30 20:02 143360 ----a-w- c:\windows\system32\nvcod146.dll
2009-04-30 20:02 . 2009-04-30 20:02 143360 ----a-w- c:\windows\system32\nvcod.dll
2009-04-30 20:02 . 2009-04-30 20:02 1314816 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-04-30 20:02 . 2009-04-30 20:02 10366976 ----a-w- c:\windows\system32\nvoglv32.dll
2009-04-30 20:02 . 2008-10-08 21:30 983552 ----a-w- c:\windows\system32\nvapi.dll
2009-04-30 20:02 . 2008-10-08 21:30 7593472 ----a-w- c:\windows\system32\nvd3dum.dll
2009-04-28 15:40 . 2009-04-28 15:40 0 ----a-w- c:\users\Silvia\AppData\Roaming\wklnhst.dat
2009-04-28 15:34 . 2009-04-28 15:34 -------- d-----w- c:\program files\Serif
2009-04-28 15:22 . 2009-04-23 15:52 90272 ----a-w- c:\users\Silvia\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-27 16:43 . 2009-04-27 16:43 -------- d-----w- c:\program files\MSXML 4.0
2009-04-27 14:12 . 2009-04-27 14:00 167916 ----a-w- c:\windows\hpoins32.dat
2009-04-27 14:07 . 2009-04-23 16:11 -------- d-----w- c:\program files\HP
2009-04-27 14:06 . 2009-04-23 16:09 -------- d-----w- c:\programdata\HP
2009-04-27 14:02 . 2009-04-27 14:02 -------- d-----w- c:\program files\Common Files\HP
2009-04-27 14:02 . 2009-04-27 14:02 -------- d-----w- c:\program files\Hewlett-Packard
2009-04-27 13:59 . 2009-04-23 15:53 -------- d-----w- c:\programdata\HDBR31
2009-04-27 12:02 . 2009-04-27 12:02 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-04-26 22:42 . 2008-10-08 21:29 457248 ----a-w- c:\windows\system32\nvuninst.exe
2009-04-26 21:06 . 2009-04-26 17:44 -------- d-----w- c:\users\Silvia\AppData\Roaming\LimeWire
2009-04-26 18:55 . 2009-04-26 17:31 -------- d-----w- c:\users\Silvia\AppData\Roaming\vlc
2009-04-26 17:29 . 2009-04-26 15:45 -------- d-----w- c:\users\Silvia\AppData\Roaming\MozillaControl
2009-04-26 17:26 . 2009-04-26 16:09 -------- d-----w- c:\users\Silvia\AppData\Roaming\Spadester
2009-04-26 17:25 . 2009-04-24 19:13 -------- d-----w- c:\program files\Hardwood Spades
2009-04-26 15:43 . 2009-04-26 15:38 -------- d-----w- c:\program files\Graboid
2009-04-26 15:43 . 2009-04-26 15:43 -------- d-----w- c:\program files\VideoLAN
2009-04-26 14:30 . 2009-04-23 17:27 -------- d-----w- c:\programdata\Logishrd
2009-04-24 20:11 . 2009-04-23 17:27 -------- d-----w- c:\program files\Common Files\LogiShrd
2009-04-24 19:44 . 2009-04-24 19:44 -------- d-----w- c:\program files\100% Free Spades Toolbar
2009-04-24 19:44 . 2009-04-24 19:44 -------- d-----w- c:\program files\DreamQuest
2009-04-24 19:13 . 2009-04-24 19:13 -------- d-----w- c:\program files\SilverCreekCommonFiles
2009-04-24 19:05 . 2009-04-24 19:05 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-04-24 19:05 . 2009-04-24 19:05 -------- d-----w- c:\program files\Java
2009-04-24 18:16 . 2009-04-23 17:30 -------- d-----w- c:\program files\Common Files\InstallShield
2009-04-24 18:16 . 2009-04-24 17:57 -------- d-----w- c:\program files\Maxis
2009-04-24 18:16 . 2009-04-23 17:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-24 17:48 . 2009-04-24 17:48 648520 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-04-24 08:35 . 2009-04-24 08:35 -------- d-----w- c:\program files\Panasonic
2009-04-23 20:09 . 2009-04-23 20:09 -------- d-----w- c:\program files\Microsoft
2009-04-23 20:09 . 2009-04-23 20:08 -------- d-----w- c:\program files\Windows Live
2009-04-23 20:08 . 2009-04-23 20:08 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-04-23 20:06 . 2009-04-23 20:04 -------- d-----w- c:\users\Silvia\AppData\Roaming\HP
2009-04-23 20:05 . 2009-04-23 20:05 -------- d-----w- c:\programdata\WEBREG
2009-04-23 17:37 . 2009-04-23 17:37 -------- d-----w- c:\program files\AskBarDis
2009-04-23 17:34 . 2009-04-23 17:34 -------- d-----w- c:\program files\Common Files\Windows Live
2009-04-23 17:30 . 2009-04-23 17:30 127034 ------r- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2009-04-23 17:30 . 2009-04-23 17:27 -------- d-----w- c:\program files\Logitech
2009-04-23 17:30 . 2009-04-23 17:30 -------- d-----w- c:\users\Silvia\AppData\Roaming\Leadertech
2009-04-23 17:27 . 2009-04-23 17:27 -------- d-----w- c:\programdata\Logitech
2009-04-23 16:48 . 2009-04-23 16:48 -------- d-----w- c:\users\Silvia\AppData\Roaming\Apple Computer
2009-04-23 16:48 . 2009-04-23 16:48 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-23 16:48 . 2009-04-23 16:48 -------- d-----w- c:\program files\iTunes
2009-04-23 16:48 . 2009-04-23 16:48 -------- d-----w- c:\program files\iPod
2009-04-23 16:48 . 2009-04-23 16:47 -------- d-----w- c:\program files\Common Files\Apple
2009-04-23 16:48 . 2009-04-23 16:48 -------- d-----w- c:\programdata\Apple Computer
2009-04-23 16:48 . 2009-04-23 16:48 -------- d-----w- c:\program files\Bonjour
2009-04-23 16:48 . 2009-04-23 16:48 -------- d-----w- c:\program files\QuickTime
2009-04-23 16:47 . 2009-04-23 16:47 -------- d-----w- c:\program files\Apple Software Update
2009-04-23 16:47 . 2009-04-23 16:47 -------- d-----w- c:\programdata\Apple
2009-04-23 16:13 . 2009-04-23 16:12 -------- d-----w- c:\program files\tele.ring
2009-04-23 16:12 . 2009-04-23 16:12 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-04-23 15:52 . 2009-04-23 15:47 -------- d-----w- c:\program files\Microsoft Works
2009-04-23 15:52 . 2009-04-23 15:52 -------- d-----w- c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2009-04-23 15:52 . 2009-04-23 15:52 -------- d-----w- c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2009-04-23 15:48 . 2009-04-23 15:48 -------- d-----w- c:\program files\Common Files\Fujitsu Siemens Computers
2009-04-23 15:48 . 2009-04-23 15:41 -------- d-----w- c:\program files\Fujitsu Siemens Computers
2009-04-23 15:47 . 2009-04-23 15:47 -------- d-----w- c:\program files\Microsoft.NET
2009-04-23 15:43 . 2009-04-23 15:43 -------- d-----w- c:\program files\Common Files\Nero
2009-04-23 15:43 . 2009-04-23 15:43 -------- d-----w- c:\programdata\Nero
2009-04-23 15:43 . 2009-04-23 15:43 -------- d-----w- c:\program files\Nero
2009-04-03 10:39 . 2009-04-03 10:39 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-04-02 14:29 . 2009-04-02 14:29 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-03-26 13:23 . 2009-03-26 13:23 36864 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-03-26 13:23 . 2009-03-26 13:23 1900544 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-03-19 14:32 . 2009-04-23 16:48 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-17 03:38 . 2009-04-27 11:41 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-27 11:41 24064 ----a-w- c:\windows\system32\amxread.dll
2009-03-08 11:34 . 2009-05-27 17:22 914944 ----a-w- c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-05-27 17:22 43008 ----a-w- c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-05-27 17:22 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-05-27 17:22 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-05-27 17:22 109568 ----a-w- c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-05-27 17:22 132608 ----a-w- c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-05-27 17:22 107520 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-05-27 17:22 107008 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-05-27 17:22 103936 ----a-w- c:\windows\system32\SetDepNx.exe
.

(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 08:32 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"fsc-reg"="c:\fsc-reg\fscreg.exe" [2008-08-01 380688]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-30 39408]
"AROReminder"="c:\program files\Advanced Registry Optimizer\ARO.exe" [2008-04-01 2084480]
"DW4"="c:\program files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" [2007-12-20 715888]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-21 2153472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EnergySettings"="c:\program files\Fujitsu Siemens Computers\Energy Settings\EnergySettings.exe" [2008-09-19 113664]
"FSCRecovery"="c:\program files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe" [2008-06-18 268096]
"KeyConfiguration"="c:\program files\Fujitsu Siemens Computers\Key Configuration Tool\KeyConfigurationTool.exe" [2008-09-04 413184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-24 148888]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13781536]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-12-08 1173384]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-08-27 6281760]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"fsc-reg"="c:\fsc-reg\fscreg.exe" [2008-08-01 380688]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-4-23 66864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D1C8A4D2-1ACF-44C8-92A7-2ED3E268F4FE}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{D6DE8177-DAA2-4908-9EEB-4B8F3F95ACF1}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{66BCA7FB-9FD9-45AF-805B-2670D3706A4C}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{89163711-304B-4BF5-88BD-2B7DA37BB564}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{B64615E8-8C88-460D-AE87-150542D231ED}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{FE8A7BC7-FA1E-40C9-AB52-B5B5C0FBA27E}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{6F5E4016-F136-4510-86A6-55868F538F8E}"= c:\program files\HP\Digital Imaging\bin\hpfccopy.exe:hpfccopy.exe
"{66978BAA-A6F1-44B7-AC85-772E723FBC5D}"= c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{C806FA4D-A1DC-4195-9538-954CC92BAABC}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{E9A795F0-EEC1-447D-8130-C338A71FA516}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{9A100D6B-C183-4E2B-B074-9104CC26CF5D}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{71FE27DE-7CFA-4846-9251-C4D829C8AFC5}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{9EAB52A9-D4F6-46A0-87F8-6FBB8A403E9B}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{2E740397-32D8-47CC-9590-77CF19EC6392}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{2855B0D6-F548-4CAA-BCEE-A04BD1565D4C}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"{8BDBFEDA-5CC0-4285-88EB-A75122B10D2D}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{A0202306-4AA0-4BD0-96A0-C5B3FA3305CF}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{6EDF539F-3F9E-4174-A57A-20F59B61172F}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{C36CE9EB-40E2-43AE-85DE-B0796915E3AF}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{FE5704C2-7EEB-4D67-9CF8-1C9A524D315C}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{DEB220B7-0C07-4855-87A9-6EA6ED96CA1D}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{107FB174-B7BC-4FC1-A8D8-84A6A22AA5B2}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{A1EC49DC-EFCE-4EFE-9468-9A0B414758D4}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{C1C959A3-211D-417C-BEEA-FF3C7662958C}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{84399040-255F-4F1C-B246-F4E566457BF3}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{B0BB05D7-70BC-4D6C-96BE-084F7A9CF935}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{789DCD47-5FBB-4029-B5DF-29AD641C5000}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire

R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [20.05.2009 11:57 130936]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [31.05.2009 19:53 108289]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [20.05.2009 11:56 348752]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [01.06.2009 17:24 40160]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr28u.sys [08.10.2008 23:31 641024]

--- Andere Dienste/Treiber im Speicher ---

*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Inhalt des "geplante Tasks" Ordners

2009-06-01 c:\windows\Tasks\Norton Security Scan for Silvia.job
- c:\program files\Norton Security Scan\Nss.exe [2009-03-13 18:20]

2009-06-01 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2008-12-29 17:58]

2009-06-01 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2008-12-29 17:58]

2009-06-01 c:\windows\Tasks\User_Feed_Synchronization-{107E6E20-73F6-4305-AE3A-92B1AC090A6A}.job
- c:\windows\system32\msfeedssync.exe [2009-05-27 11:31]
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKCU-Run-CCleaner - c:\program files\CCleaner\CCleaner.exe
SafeBoot-procexp90.Sys


.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.at/
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-01 20:06
Windows 6.0.6001 Service Pack 1 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(10436)
c:\program files\Spyware Doctor\pctgmhk.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Spyware Doctor\pctsSvc.exe
c:\program files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
c:\windows\System32\WUDFHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2009-06-01 20:10 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2009-06-01 18:10

Vor Suchlauf: 24 Verzeichnis(se), 62.425.862.144 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 62.316.359.680 Bytes frei

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
351 --- E O F --- 2009-05-28 20:07

#10 was hast du mit sdfix gelöscht? bitte nutze keine solche tools ohne anweisung, poste das log von sdfix

#11 Hik

Leider konnten jeweils nur 3 Fehler behobenwerden.
Wahrscheinlich, weil es eine Gratisversion ist.

Hm

mycomputer

#12 sdfix ist immer gratis, du musst mit rechtsklick und als administrator ausfüren wählen, aber ich möchte jetzt erst mal ein hjt-log sehen und wissen, wie dein pc läuft. welche version von avira ist instaliert?

#13 Hi

Ich habe Avira AntiVir Personal. Das ist für 1 Jahr kostenlos. Werde versuchen, jetzt ein HJT logfile zu bekommen.

So long,
mycomputer

#14 Ja, dass weis ich... aber version 8 oder neun?

#15 Habe Avira Version 9

Werde jetzt HJT versuchen.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:44:06, on 30.05.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Fujitsu Siemens Computers\Energy Settings\EnergySettings.exe
C:\Program Files\Fujitsu Siemens Computers\Key Configuration Tool\KeyConfigurationTool.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\tele.ring\tele.ring Mobile Internet.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Silvia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CHW664C8\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\Silvia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: 100% Free Spades Toolbar Helper - {17DF7D60-3575-497F-8D11-F8882E3E1CE9} - C:\Program Files\100% Free Spades Toolbar\v3.3.0.1\100%_Free_Spades_Toolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: 100% Free Spades Toolbar - {02F7A7EB-89F8-47FF-A75C-52C1060EC144} - C:\Program Files\100% Free Spades Toolbar\v3.3.0.1\100%_Free_Spades_Toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [EnergySettings] C:\Program Files\Fujitsu Siemens Computers\Energy Settings\EnergySettings.exe
O4 - HKLM\..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe
O4 - HKLM\..\Run: [KeyConfiguration] C:\Program Files\Fujitsu Siemens Computers\Key Configuration Tool\KeyConfigurationTool.exe /silent
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunOnce: [NSSInstallation] C:\Windows\system32\Adobe\Shockwave 11\nssstub.exe /RunOnce
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [fsc-reg] C:\fsc-reg\fscreg.exe 20090526
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_de/?url=
O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_de/?url=
O13 - Gopher Prefix:
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Yahtzee/Images/stg_drm.ocx
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1240599875897&h=293bf992edaac48b836cb4a97769450e/&filename=jinstall-6u13-windows-i586-jc.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Yahtzee/Images/armhelper.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{002ECBC5-1097-4D93-9980-BA6418B94DD0}: NameServer = 213.162.69.169 213.162.65.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{002ECBC5-1097-4D93-9980-BA6418B94DD0}: NameServer = 213.162.69.169 213.162.65.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{002ECBC5-1097-4D93-9980-BA6418B94DD0}: NameServer = 213.162.69.169 213.162.65.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe

--
End of file - 12836 bytes


Hier kommt noch die Uninstall Liste

100% Free Spades 7.18
100% Free Spades Toolbar
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
32 Bit HP CIO Components Installer
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1 - Deutsch
Adobe Shockwave Player 11.5
Advanced Registry Optimizer
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Avira AntiVir Personal - Free Antivirus
Bonjour
Choice Guard
Compatibility Pack für 2007 Office System
Energy Settings
Free Video to Mp3 Converter version 3.1
Free YouTube Download 2.2
Free YouTube to Mp3 Converter version 3.1
Fujitsu Siemens Computers Recovery
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Graboid Video 1.5
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 12.0
HP Imaging Device Functions 12.0
HP Photosmart C5300 All-In-One Driver Software 12.0 Rel .4
HP Photosmart Essential 3.5
HP Smart Web Printing
HP Solution Center 12.0
HP Update
iTunes
Java(TM) 6 Update 13
Key Configuration Tool
Logitech Desktop Messenger
Logitech QuickCam
Logitech QuickCam-Treiberpaket
Logitech Updater
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Office Excel MUI (German) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office PowerPoint Viewer 2007 (German)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
MSVCRT
Nero 8 Essentials
neroxml
Norton Security Scan
Norton Security Scan (Symantec Corporation)
NVIDIA Drivers
NVIDIA PhysX
PrintMaster® Silber
QuickTime
Realtek High Definition Audio Driver
RegCure 1.5.2.7
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Serif DrawPlus 3.0
Shop for HP Supplies
Spelling Dictionaries Support For Adobe Reader 9
System Requirements Lab
SystemDiagnostics
tele.ring Mobile Internet
The Weather Channel Desktop
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VCRedistSetup
VideoLAN VLC media player 0.8.6d
Weather Services
Windows Live Anmelde-Assistent
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Live-Uploadtool
Yahtzee

Brauchen Sie noch was ?


mycomputer