- #1
E
Erik
Guest
Ich kann meinen Desktop nicht ändern da die Schaltfläche grau hinterlegt ist. Dieses Problem wurde hier schon mal behandelt im Post
Desktop lässt sich nicht ändern!!! von BaStI101 am: 05.03.06 um 21:32:32 »
Ich hab den tipp von Mopao mal durch geführt bis auf das mit
Ewido Security Suite (http://www.ewido.net/de/download) da dieser link mich zu AVG führt und ich bei der Installertion vom Tool immer hängen bleibe.
Denn noch habe ich keine Änderung leider. kann mir einer weiter helfen??
Logfile of HijackThis v1.99.1
Scan saved at 13:11:33, on 12.05.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Dokumente und Einstellungen\Michaela Waldera\Desktop\HijackThis.exe
R3 - Default URLSearchHook is missing
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] C:\Programme\Acer\Acer Arcade\PCMService.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [eRecoveryService] C:\Programme\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ACU] C:\Programme\Atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Programme\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra->Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\ICQLite\ICQLite.exe (file missing)
O9 - Extra->Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\SPYBOT~1\SDHelper.dll
O9 - Extra->Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra->Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra->Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Atheros-Konfigurationsdienst (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
smitRem © log file
version 3.2
by noahdfear
Microsoft Windows XP [Version 5.1.2600]
IE=6.0000
Running from
C:\Dokumente und Einstellungen\Michaela Waldera\Desktop\smitRem
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pre-run SharedTask Export
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
{438755C2-A8BA-11D1-B96B-00A0C90312E1}=Browseui preloader
{8C7461EF-2B13-11d2-BE35-3078302C2030}=Component Categories cache daemon
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@=%SystemRoot%\system32\browseui.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@=%SystemRoot%\system32\browseui.dll
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Appinitdll check ........ Thank you Grinler!
dumphive.exe (C)2000-2004 Markus Stephany
REGEDIT4
[Windows]
AppInit_DLLs=
DeviceNotSelectedTimeout=15
GDIProcessHandleQuota=dword:00002710
Spooler=yes
swapdisk=
TransmissionRetryTimeout=90
USERProcessHandleQuota=dword:00002710
LoadAppInit_DLLs=dword:00000001
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
XP Firewall allowed access
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\\system32\\sessmgr.exe=%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019
C:\\Programme\\Acer\\Acer Arcade\\PCMService.exe=C:\\Programme\\Acer\\Acer Arcade\\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program
C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLacsd.exe=C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLacsd.exe:*:Enabled:AOL
C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLDial.exe=C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLDial.exe:*:Enabled:AOL
C:\\Programme\\AOL 9.0\\waol.exe=C:\\Programme\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0
D:\\World of Warcraft\\BackgroundDownloader.exe=D:\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-1.10.2.5302-to-1.11.0.5428-deDE-downloader.exe=D:\\World of Warcraft\\WoW-1.10.2.5302-to-1.11.0.5428-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-1.11.1.5462-to-1.11.2.5464-deDE-downloader.exe=D:\\World of Warcraft\\WoW-1.11.1.5462-to-1.11.2.5464-deDE-downloader.exe:*:Enabled:Blizzard Downloader
C:\\WINDOWS\\System32\\dpvsetup.exe=C:\\WINDOWS\\System32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
C:\\WINDOWS\\System32\\rundll32.exe=C:\\WINDOWS\\System32\\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausfhren
D:\\World of Warcraft\\WoW-1.11.2.5464-to-1.12.0.5595-deDE-downloader.exe=D:\\World of Warcraft\\WoW-1.11.2.5464-to-1.12.0.5595-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-deDE-downloader.exe=D:\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\BitLord\\BitLord.exe=D:\\BitLord\\BitLord.exe:*:Enabled:BitLord
D:\\World of Warcraft\\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe=D:\\World of Warcraft\\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-2.0.3-deDE-downloader.exe=D:\\World of Warcraft\\WoW-2.0.3-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\Repair.exe=D:\\World of Warcraft\\Repair.exe:*:Enabled:Blizzard Repair Utility
D:\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-deDE-downloader.exe=D:\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-deDE-downloader.exe=D:\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-deDE-downloader.exe=D:\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-deDE-downloader.exe=D:\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-deDE-downloader.exe:*:Enabled:Blizzard Downloader
C:\\Programme\\Skype\\Phone\\Skype.exe=C:\\Programme\\Skype\\Phone\\Skype.exe:*:Enabled:Skype
C:\\Programme\\uTorrent\\uTorrent.exe=C:\\Programme\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent
C:\\Dokumente und Einstellungen\\Michaela Waldera\\Desktop\\utorrent.exe=C:\\Dokumente und Einstellungen\\Michaela Waldera\\Desktop\\utorrent.exe:*:Enabled:æTorrent
C:\\WINDOWS\\Temp\\~os26.tmp\\ossproxy.exe=C:\\WINDOWS\\Temp\\~os26.tmp\\ossproxy.exe:*:Enabledssproxy.exe
C:\\BitLord\\BitLord.exe=C:\\BitLord\\BitLord.exe:*:Enabled:BitLord
C:\\Programme\\Octoshape Streaming Services\\Michaela Waldera\\OctoshapeClient.exe=C:\\Programme\\Octoshape Streaming Services\\Michaela Waldera\\OctoshapeClient.exe:*:Enabled:OctoshapeClient
C:\\Programme\\Messenger\\msmsgs.exe=C:\\Programme\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger
C:\\ICQLite\\ICQLite.exe=C:\\ICQLite\\ICQLite.exe:*:Enabled:ICQ Lite
C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe=C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\\Programme\\Windows Live\\Messenger\\livecall.exe=C:\\Programme\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
C:\\Programme\\ICQ6\\ICQ.exe=C:\\Programme\\ICQ6\\ICQ.exe:*:Enabled:ICQ6
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
checking for drsmartload2 key
drsmartload2 key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
AlfaCleaner uninstaller NOT present
SpyFalcon uninstaller NOT present
SpywareQuake uninstaller NOT present
SpywareSheriff uninstaller NOT present
Trust Cleaner uninstaller NOT present
SpyHeal uninstaller NOT present
VirusBurst uninstaller NOT present
BraveSentry uninstaller NOT present
AntiVermins uninstaller NOT present
VirusBursters uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
Hoffe mir kann jemand helfen
mfg Erik
Desktop lässt sich nicht ändern!!! von BaStI101 am: 05.03.06 um 21:32:32 »
Ich hab den tipp von Mopao mal durch geführt bis auf das mit
Ewido Security Suite (http://www.ewido.net/de/download) da dieser link mich zu AVG führt und ich bei der Installertion vom Tool immer hängen bleibe.
Denn noch habe ich keine Änderung leider. kann mir einer weiter helfen??
Logfile of HijackThis v1.99.1
Scan saved at 13:11:33, on 12.05.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Dokumente und Einstellungen\Michaela Waldera\Desktop\HijackThis.exe
R3 - Default URLSearchHook is missing
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] C:\Programme\Acer\Acer Arcade\PCMService.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [eRecoveryService] C:\Programme\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ACU] C:\Programme\Atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster2] C:\Programme\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Spybot - Search & Destroy\TeaTimer.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra->Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\ICQLite\ICQLite.exe (file missing)
O9 - Extra->Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\SPYBOT~1\SDHelper.dll
O9 - Extra->Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra->Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra->Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Atheros-Konfigurationsdienst (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
smitRem © log file
version 3.2
by noahdfear
Microsoft Windows XP [Version 5.1.2600]
IE=6.0000
Running from
C:\Dokumente und Einstellungen\Michaela Waldera\Desktop\smitRem
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pre-run SharedTask Export
(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com
Registry Pseudo-Format Mode (Not a valid reg file):
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
{438755C2-A8BA-11D1-B96B-00A0C90312E1}=Browseui preloader
{8C7461EF-2B13-11d2-BE35-3078302C2030}=Component Categories cache daemon
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@=%SystemRoot%\system32\browseui.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@=%SystemRoot%\system32\browseui.dll
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Appinitdll check ........ Thank you Grinler!
dumphive.exe (C)2000-2004 Markus Stephany
REGEDIT4
[Windows]
AppInit_DLLs=
DeviceNotSelectedTimeout=15
GDIProcessHandleQuota=dword:00002710
Spooler=yes
swapdisk=
TransmissionRetryTimeout=90
USERProcessHandleQuota=dword:00002710
LoadAppInit_DLLs=dword:00000001
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
XP Firewall allowed access
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
%windir%\\system32\\sessmgr.exe=%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019
C:\\Programme\\Acer\\Acer Arcade\\PCMService.exe=C:\\Programme\\Acer\\Acer Arcade\\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program
C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLacsd.exe=C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLacsd.exe:*:Enabled:AOL
C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLDial.exe=C:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLDial.exe:*:Enabled:AOL
C:\\Programme\\AOL 9.0\\waol.exe=C:\\Programme\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0
D:\\World of Warcraft\\BackgroundDownloader.exe=D:\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-1.10.2.5302-to-1.11.0.5428-deDE-downloader.exe=D:\\World of Warcraft\\WoW-1.10.2.5302-to-1.11.0.5428-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-1.11.1.5462-to-1.11.2.5464-deDE-downloader.exe=D:\\World of Warcraft\\WoW-1.11.1.5462-to-1.11.2.5464-deDE-downloader.exe:*:Enabled:Blizzard Downloader
C:\\WINDOWS\\System32\\dpvsetup.exe=C:\\WINDOWS\\System32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
C:\\WINDOWS\\System32\\rundll32.exe=C:\\WINDOWS\\System32\\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausfhren
D:\\World of Warcraft\\WoW-1.11.2.5464-to-1.12.0.5595-deDE-downloader.exe=D:\\World of Warcraft\\WoW-1.11.2.5464-to-1.12.0.5595-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-deDE-downloader.exe=D:\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\BitLord\\BitLord.exe=D:\\BitLord\\BitLord.exe:*:Enabled:BitLord
D:\\World of Warcraft\\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe=D:\\World of Warcraft\\WoW-1.12.x-to-2.0.1-deDE-patch-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-2.0.3-deDE-downloader.exe=D:\\World of Warcraft\\WoW-2.0.3-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\Repair.exe=D:\\World of Warcraft\\Repair.exe:*:Enabled:Blizzard Repair Utility
D:\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-deDE-downloader.exe=D:\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-deDE-downloader.exe=D:\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-deDE-downloader.exe=D:\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-deDE-downloader.exe:*:Enabled:Blizzard Downloader
D:\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-deDE-downloader.exe=D:\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-deDE-downloader.exe:*:Enabled:Blizzard Downloader
C:\\Programme\\Skype\\Phone\\Skype.exe=C:\\Programme\\Skype\\Phone\\Skype.exe:*:Enabled:Skype
C:\\Programme\\uTorrent\\uTorrent.exe=C:\\Programme\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent
C:\\Dokumente und Einstellungen\\Michaela Waldera\\Desktop\\utorrent.exe=C:\\Dokumente und Einstellungen\\Michaela Waldera\\Desktop\\utorrent.exe:*:Enabled:æTorrent
C:\\WINDOWS\\Temp\\~os26.tmp\\ossproxy.exe=C:\\WINDOWS\\Temp\\~os26.tmp\\ossproxy.exe:*:Enabledssproxy.exe
C:\\BitLord\\BitLord.exe=C:\\BitLord\\BitLord.exe:*:Enabled:BitLord
C:\\Programme\\Octoshape Streaming Services\\Michaela Waldera\\OctoshapeClient.exe=C:\\Programme\\Octoshape Streaming Services\\Michaela Waldera\\OctoshapeClient.exe:*:Enabled:OctoshapeClient
C:\\Programme\\Messenger\\msmsgs.exe=C:\\Programme\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger
C:\\ICQLite\\ICQLite.exe=C:\\ICQLite\\ICQLite.exe:*:Enabled:ICQ Lite
C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe=C:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\\Programme\\Windows Live\\Messenger\\livecall.exe=C:\\Programme\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
C:\\Programme\\ICQ6\\ICQ.exe=C:\\Programme\\ICQ6\\ICQ.exe:*:Enabled:ICQ6
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
checking for drsmartload2 key
drsmartload2 key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present
AlfaCleaner uninstaller NOT present
SpyFalcon uninstaller NOT present
SpywareQuake uninstaller NOT present
SpywareSheriff uninstaller NOT present
Trust Cleaner uninstaller NOT present
SpyHeal uninstaller NOT present
VirusBurst uninstaller NOT present
BraveSentry uninstaller NOT present
AntiVermins uninstaller NOT present
VirusBursters uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
Hoffe mir kann jemand helfen
mfg Erik