Internet Explorer has encountered a problem and needs to close

This thread, "Internet Explorer has encountered a problem and needs to close", in the forum "Viruses, Trojans, Spyware etc." was started by zauber 1976 on 19 March 2009.


  1. Hello, dear helpers!

    Unfortunately, I have had the following problem for a few days.

    I can neither open my IE nor download the new IE7.
    In addition, some websites open by themselves in offline mode... My antivirus removes this trojan, JS AGENT FA, but it keeps coming back... unfortunately :'(
    At the moment I can only use the Internet through Firefox.

    As soon as I click on Internet Explorer, the following error message appears:
    AppName: iexplore.exe AppVer: 6.02900.2180 ModName: unknown ModVer: 0.0.0.0 Offset:0012bffe

    So far I have tried to delete the trojan with a new antivirus (Kaspersky)... in vain...
    and to reinstall IE from the Windows XP CD...

    Unfortunately, all without success... :|

    I very much hope that you can help me, as a (female) non-expert... Thanks in advance


    *PCDpan_fee: Moved from "Web-Browser"*
     
  2. I recommend reinstalling the system completely, since you have a stubborn piece of malware on board. You can also wait until our schrauber reads this and helps you with the cleanup.

    Please read this beforehand:

    http://www.wintotal-forum.de/index.php/topic,33317.0.html

    and this:

    http://www.wintotal-forum.de/index.php/topic,147847.0.html

    The mods will surely move this thread to the right subforum in the course of the day. Do you perhaps have an alternative computer at hand? I would definitely not go online with this one any more. In any case, do no more business online as long as the computer has not been cleaned.

    Best regards

    Nick
     
  3. Hello again

    I have now downloaded Hijack and it has shown the following:

    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:43:36, on 19.03.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programme\Java\jre6\bin\jusched.exe
    D:\Programme\CyberLink PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
    C:\Programme\Windows Live\Messenger\msnmsgr.exe
    C:\Programme\Java\jre6\bin\jqs.exe
    C:\Programme\CyberLink\Shared Files\RichVideo.exe
    C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
    C:\WINDOWS\system32\advhost.exe
    C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Programme\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\system32\advhost.exe
    C:\Programme\Java\jre6\bin\jucheck.exe
    C:\Programme\Mozilla Firefox\firefox.exe
    C:\WINDOWS\explorer.exe
    C:\Programme\Trend Micro\HijackThis\HijackThis.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
    R3 - URLSearchHook: (no name) - - (no file)
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe
    O4 - HKLM\..\Run: [RemoteControl] D:\Programme\CyberLink PowerDVD\PDVDServ.exe
    O4 - HKLM\..\Run: [LanguageShortcut] D:\Programme\CyberLink PowerDVD\Language\Language.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
    O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] C:\Programme\Windows Live\Messenger\msnmsgr.exe /background
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Programme\Uniblue\RegistryBooster\RegistryBooster.exe /S
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User->LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User->NETZWERKDIENST')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User->SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User->Default user')
    O4 - Global Startup: Microsoft Office OneNote 2003 Schnellstart.lnk = D:\Programme\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
    O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra->Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra->Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
    O9 - Extra->Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
    O9 - Extra->Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
    O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_de/?url=
    O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_de/?url=
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programme\Yahoo!\Common\Yinsthelper200711281.dll
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1225186739728
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - AppInit_DLLs: C:\WINDOWS\system32\adlaunch32.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Programme\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    
    --
    End of file - 9207 bytes
    Now I really don't know what to do! If Schrauber could help me further, I will gladly wait! I would rather not reformat my hard drive! I am really totally desperate... on top of that, I have no idea about PCs at all... :-\
     
  4. You should fix these entries with HijackThis right away first:


    O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_de/?url=
    O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_de/?url=

    Possibly this one too:

    R3 - URLSearchHook: (no name) - - (no file)

    Does your scanner by any chance always find this trojan in the Temporary Internet Files? Then you should definitely seriously reconsider your surfing habits, because if I read that correctly, this malware gets onto the computer from an infected website.

    And now I'll wait for Schrauber too
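
The two kinds of entry singled out in the reply above (an O13 URL prefix that points at a host, and an entry whose target is reported as missing) can be picked out of a HijackThis log mechanically. The following is an added example, not part of the original thread and not HijackThis code; the names `parse_log`, `review`, `Entry` and `Finding` are hypothetical, and the sample lines are taken from the log posted in this thread.

```python
import re
from typing import NamedTuple
from urllib.parse import urlparse

# Section code ("R3", "O13", ...) followed by " - " and the entry body.
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
# Forum software often wraps URLs in BBCode; strip it before parsing.
BBCODE_URL_RE = re.compile(r"\[/?url\]", re.IGNORECASE)
# Markers HijackThis prints when an entry's target file does not exist.
ORPHAN_MARKERS = ("(no file)", "(file missing)")

# Sample input: lines from the HijackThis log in this thread. The [url]
# wrapper on the first O13 line is forum markup that the parser removes.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
C:\WINDOWS\system32\ctfmon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O13 - DefaultPrefix: [url]http://www.myhottersearchbox.com/not_found_de/?url=[/url]
O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_de/?url=
"""


class Entry(NamedTuple):
    code: str   # HijackThis section code, e.g. "O13"
    body: str   # everything after "<code> - "


class Finding(NamedTuple):
    code: str
    reason: str
    detail: str


def parse_log(text: str) -> list[Entry]:
    """Return the coded entries of a log; header and process lines are skipped."""
    entries = []
    for raw in text.splitlines():
        line = BBCODE_URL_RE.sub("", raw).strip()
        match = ENTRY_RE.match(line)
        if match:
            entries.append(Entry(match["code"], match["body"]))
    return entries


def review(entries: list[Entry]) -> list[Finding]:
    """Flag entries of the two kinds named in the reply above for manual review."""
    findings = []
    for entry in entries:
        if entry.code == "O13":
            # The IE URL prefix is prepended to addresses typed without a
            # scheme. A prefix that contains a host name routes every such
            # address through that host.
            name, _, value = entry.body.partition(": ")
            host = urlparse(value.strip()).hostname
            if host:
                findings.append(
                    Finding(entry.code, "url-prefix-redirect", f"{name} -> {host}")
                )
        elif entry.body.rstrip().endswith(ORPHAN_MARKERS):
            # The registry entry exists but the file it refers to does not.
            findings.append(Finding(entry.code, "orphaned-entry", entry.body))
    return findings


if __name__ == "__main__":
    for finding in review(parse_log(SAMPLE_LOG)):
        print(f"{finding.code:<4} {finding.reason:<20} {finding.detail}")
```

The output is a review list only; whether an entry is actually fixed remains a decision for whoever is handling the cleanup.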
     
  5. Part 2

    Code:
    ======List of files/folders created in the last 1 months======
    
    2009-03-19 21:30:20 ----D---- C:\rsit
    2009-03-19 16:15:29 ----D---- C:\Programme\Trend Micro
    2009-03-19 16:06:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2009-03-19 15:48:32 ----A---- C:\WINDOWS\IE4 Error Log.txt
    2009-03-19 13:03:45 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2009-03-19 12:49:54 ----D---- C:\WINDOWS\Prefetch
    2009-03-19 12:47:21 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2009-03-19 12:45:04 ----A---- C:\WINDOWS\setuplog.txt
    2009-03-19 12:33:10 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2009-03-19 12:28:40 ----D---- C:\Programme\Online Services
    2009-03-19 12:28:31 ----A---- C:\WINDOWS\system32\write.exe
    2009-03-19 12:28:06 ----A---- C:\WINDOWS\system32\sndvol32.exe
    2009-03-19 12:28:05 ----A---- C:\WINDOWS\system32\hticons.dll
    2009-03-19 12:28:05 ----A---- C:\WINDOWS\system32\avwav.dll
    2009-03-19 12:28:05 ----A---- C:\WINDOWS\system32\avtapi.dll
    2009-03-19 12:28:05 ----A---- C:\WINDOWS\system32\avmeter.dll
    2009-03-19 12:28:04 ----A---- C:\WINDOWS\system32\winchat.exe
    2009-03-19 12:27:52 ----A---- C:\WINDOWS\system32\getuname.dll
    2009-03-19 12:27:52 ----A---- C:\WINDOWS\system32\charmap.exe
    2009-03-19 12:27:51 ----A---- C:\WINDOWS\system32\sol.exe
    2009-03-19 12:27:51 ----A---- C:\WINDOWS\system32\calc.exe
    2009-03-19 12:27:50 ----A---- C:\WINDOWS\system32\winmine.exe
    2009-03-19 12:27:50 ----A---- C:\WINDOWS\system32\mshearts.exe
    2009-03-19 12:27:50 ----A---- C:\WINDOWS\system32\freecell.exe
    2009-03-19 12:27:30 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2009-03-19 12:27:30 ----A---- C:\WINDOWS\system32\accwiz.exe
    2009-03-19 12:27:29 ----A---- C:\WINDOWS\system32\mplay32.exe
    2009-03-19 12:27:29 ----A---- C:\WINDOWS\system32\hypertrm.dll
    2009-03-19 12:27:28 ----A---- C:\WINDOWS\system32\spider.exe
    2009-03-19 12:27:28 ----A---- C:\WINDOWS\system32\mspaint.exe
    2009-03-19 12:27:28 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2009-03-19 12:27:27 ----A---- C:\WINDOWS\system32\snmptrap.exe
    2009-03-19 12:27:27 ----A---- C:\WINDOWS\system32\snmp.exe
    2009-03-19 12:27:27 ----A---- C:\WINDOWS\system32\evntwin.exe
    2009-03-19 12:27:27 ----A---- C:\WINDOWS\system32\evntcmd.exe
    2009-03-19 12:27:27 ----A---- C:\WINDOWS\system32\evntagnt.dll
    2009-03-19 12:27:26 ----A---- C:\WINDOWS\system32\snmpmib.dll
    2009-03-19 12:27:26 ----A---- C:\WINDOWS\system32\hostmib.dll
    2009-03-19 12:27:24 ----A---- C:\WINDOWS\system32\lmmib2.dll
    2009-03-19 12:11:03 ----D---- C:\Programme\Adobe
    2009-03-19 10:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2009-03-19 10:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
    2009-03-19 09:00:17 ----D---- C:\Programme\WinZix
    2009-03-17 23:49:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2009-03-17 23:48:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2009-03-17 23:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2009-03-17 23:48:43 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2009-03-17 23:48:28 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
    2009-03-17 23:48:14 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2009-03-17 23:48:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2009-03-17 23:47:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2009-03-17 23:47:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-03-17 23:47:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2009-03-17 23:47:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
    2009-03-17 23:47:14 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-03-17 23:47:07 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2009-03-17 23:46:58 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2009-03-17 23:46:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2009-03-17 23:46:34 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2009-03-17 23:46:26 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
    2009-03-17 23:46:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-03-17 23:45:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2009-03-17 23:45:50 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
    2009-03-17 23:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2009-03-17 23:45:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
    2009-03-17 23:45:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2009-03-17 23:45:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2009-03-17 23:45:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2009-03-17 23:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2009-03-17 23:44:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2009-03-17 23:44:54 ----A---- C:\WINDOWS\imsins.BAK
    2009-03-17 23:44:50 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2009-03-17 22:41:15 ----A---- C:\WINDOWS\Active Setup Log.txt
    2009-03-17 22:41:15 ----A---- C:\WINDOWS\Active Setup Log.BAK
    2009-03-17 21:24:15 ----D---- C:\Dokumente und Einstellungen\MIMO\Anwendungsdaten\Uniblue
    2009-03-17 19:19:21 ----D---- C:\Programme\msn gaming zone
    2009-03-17 19:13:37 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
    2009-03-17 19:06:50 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2009-03-17 19:06:50 ----A---- C:\WINDOWS\system32\irclass.dll
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETF8.tmp
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETF7.tmp
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETF6.tmp
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETF5.tmp
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETF4.tmp
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETF3.tmp
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETF2.tmp
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETF1.tmp
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETF0.tmp
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETEF.tmp
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETEE.tmp
    2009-03-17 19:06:45 ----RA---- C:\WINDOWS\SETED.tmp
    2009-03-17 19:06:44 ----RA---- C:\WINDOWS\SETEC.tmp
    2009-03-17 19:06:44 ----RA---- C:\WINDOWS\SETEB.tmp
    2009-03-17 19:06:44 ----RA---- C:\WINDOWS\SETEA.tmp
    2009-03-17 19:06:44 ----RA---- C:\WINDOWS\SETAF.tmp
    2009-03-17 19:06:44 ----RA---- C:\WINDOWS\SETAE.tmp
    2009-03-17 19:06:44 ----RA---- C:\WINDOWS\SETAD.tmp
    2009-03-17 19:06:44 ----RA---- C:\WINDOWS\SETAC.tmp
    2009-03-17 19:06:44 ----RA---- C:\WINDOWS\SETAB.tmp
    2009-03-17 19:06:44 ----RA---- C:\WINDOWS\SETAA.tmp
    2009-03-17 19:06:44 ----RA---- C:\WINDOWS\SETA9.tmp
    2009-03-17 19:06:44 ----RA---- C:\WINDOWS\SETA8.tmp
    2009-03-17 19:06:43 ----RA---- C:\WINDOWS\SETA7.tmp
    2009-03-17 19:06:43 ----RA---- C:\WINDOWS\SETA6.tmp
    2009-03-17 19:06:43 ----RA---- C:\WINDOWS\SETA5.tmp
    2009-03-17 19:06:43 ----RA---- C:\WINDOWS\SETA4.tmp
    2009-03-17 19:06:43 ----RA---- C:\WINDOWS\SETA3.tmp
    2009-03-17 19:06:43 ----RA---- C:\WINDOWS\SETA2.tmp
    2009-03-17 19:06:36 ----RA---- C:\WINDOWS\SET6F.tmp
    2009-03-17 19:06:32 ----RA---- C:\WINDOWS\SET62.tmp
    2009-03-17 19:06:30 ----RA---- C:\WINDOWS\SET5F.tmp
    2009-03-17 12:23:10 ----D---- C:\Programme\Kaspersky Lab
    2009-03-17 12:23:09 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
    2009-03-17 12:19:50 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files
    2009-03-17 12:06:12 ----A---- C:\WINDOWS\system32\DfSdkBt64.exe
    2009-03-17 12:06:12 ----A---- C:\WINDOWS\system32\DfSdkBt.exe
    2009-03-17 12:01:44 ----D---- C:\Programme\Ashampoo
    2009-03-17 10:52:16 ----RA---- C:\WINDOWS\SETE9.tmp
    2009-03-17 10:52:16 ----RA---- C:\WINDOWS\SETE8.tmp
    2009-03-17 10:52:16 ----RA---- C:\WINDOWS\SETE7.tmp
    2009-03-17 10:52:16 ----RA---- C:\WINDOWS\SETE6.tmp
    2009-03-17 10:52:16 ----RA---- C:\WINDOWS\SETE5.tmp
    2009-03-17 10:52:16 ----RA---- C:\WINDOWS\SETE4.tmp
    2009-03-17 10:52:16 ----RA---- C:\WINDOWS\SETE3.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETE2.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETE1.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETE0.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETDF.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETDE.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETDD.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETDC.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETDB.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETDA.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETD9.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETD8.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETD7.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETD6.tmp
    2009-03-17 10:52:15 ----RA---- C:\WINDOWS\SETD5.tmp
    2009-03-17 10:52:14 ----RA---- C:\WINDOWS\SETD4.tmp
    2009-03-17 10:52:14 ----RA---- C:\WINDOWS\SETD3.tmp
    2009-03-17 10:52:14 ----RA---- C:\WINDOWS\SETD2.tmp
    2009-03-17 10:52:14 ----RA---- C:\WINDOWS\SETD1.tmp
    2009-03-17 10:52:14 ----RA---- C:\WINDOWS\SETD0.tmp
    2009-03-17 10:52:14 ----RA---- C:\WINDOWS\SETCF.tmp
    2009-03-17 10:52:14 ----RA---- C:\WINDOWS\SETCE.tmp
    2009-03-17 10:52:14 ----RA---- C:\WINDOWS\SETCD.tmp
    2009-03-17 10:52:09 ----RA---- C:\WINDOWS\SET88.tmp
    2009-03-17 10:52:06 ----RA---- C:\WINDOWS\SET7C.tmp
    2009-03-17 10:52:04 ----RA---- C:\WINDOWS\SET79.tmp
    2009-03-17 00:25:03 ----DC---- C:\WINDOWS\$NtUninstallKB940157$
    2009-03-17 00:24:33 ----DC---- C:\WINDOWS\$NtUninstallKB915800-v4$
    2009-03-17 00:11:59 ----D---- C:\Programme\Registry Doktor 2009
    2009-03-16 13:27:09 ----A---- C:\WINDOWS\system32\MFC71.dll
    2009-03-16 13:27:05 ----D---- C:\Programme\Alwil Software
    2009-03-16 07:28:07 ----D---- C:\MFT 15314
    2009-03-16 07:28:07 ----D---- C:\MFT 15311
    2009-03-16 07:28:06 ----D---- C:\MFT 2699
    2009-03-16 07:28:06 ----D---- C:\MFT 15326
    2009-03-16 07:28:06 ----D---- C:\MFT 126
    2009-03-16 07:28:05 ----D---- C:\MFT 5108
    2009-03-16 07:28:05 ----D---- C:\MFT 27748
    2009-03-16 07:28:05 ----D---- C:\MFT 129
    2009-03-16 07:28:01 ----D---- C:\MFT 66
    2009-03-16 07:28:00 ----D---- C:\MFT 45
    2009-03-16 07:27:38 ----D---- C:\MFT 29
    2009-03-16 07:27:38 ----D---- C:\MFT 143
    2009-03-16 07:27:38 ----D---- C:\MFT 141
    2009-03-16 07:27:38 ----D---- C:\MFT 104
    2009-03-16 07:27:36 ----D---- C:\MFT 5433
    2009-03-16 07:27:31 ----D---- C:\MFT 27244
    2009-03-16 07:26:43 ----D---- C:\MFT 24747
    2009-03-16 07:26:41 ----D---- C:\MFT 28
    2009-03-15 20:52:44 ----D---- C:\NVIDIA
    2009-03-15 14:47:16 ----RA---- C:\WINDOWS\SETCC.tmp
    2009-03-15 14:47:16 ----RA---- C:\WINDOWS\SETCB.tmp
    2009-03-15 14:47:16 ----RA---- C:\WINDOWS\SETCA.tmp
    2009-03-15 14:47:16 ----RA---- C:\WINDOWS\SETC9.tmp
    2009-03-15 14:47:16 ----RA---- C:\WINDOWS\SETC8.tmp
    2009-03-15 14:47:16 ----RA---- C:\WINDOWS\SETC7.tmp
    2009-03-15 14:47:16 ----RA---- C:\WINDOWS\SETC6.tmp
    2009-03-15 14:47:16 ----RA---- C:\WINDOWS\SETC5.tmp
    2009-03-15 14:47:16 ----RA---- C:\WINDOWS\SETC4.tmp
    2009-03-15 14:47:15 ----RA---- C:\WINDOWS\SETC3.tmp
    2009-03-15 14:47:15 ----RA---- C:\WINDOWS\SETC2.tmp
    2009-03-15 14:47:15 ----RA---- C:\WINDOWS\SETC1.tmp
    2009-03-15 14:47:15 ----RA---- C:\WINDOWS\SETC0.tmp
    2009-03-15 14:47:15 ----RA---- C:\WINDOWS\SETBF.tmp
    2009-03-15 14:47:15 ----RA---- C:\WINDOWS\SETBE.tmp
    2009-03-15 14:47:15 ----RA---- C:\WINDOWS\SETBD.tmp
    2009-03-15 14:47:15 ----RA---- C:\WINDOWS\SETBC.tmp
    2009-03-15 14:47:15 ----RA---- C:\WINDOWS\SETBB.tmp
    2009-03-15 14:47:15 ----RA---- C:\WINDOWS\SETBA.tmp
    2009-03-15 14:47:14 ----RA---- C:\WINDOWS\SETB9.tmp
    2009-03-15 14:47:14 ----RA---- C:\WINDOWS\SETB8.tmp
    2009-03-15 14:47:14 ----RA---- C:\WINDOWS\SETB7.tmp
    2009-03-15 14:47:14 ----RA---- C:\WINDOWS\SETB6.tmp
    2009-03-15 14:47:14 ----RA---- C:\WINDOWS\SETB5.tmp
    2009-03-15 14:47:14 ----RA---- C:\WINDOWS\SETB4.tmp
    2009-03-15 14:47:14 ----RA---- C:\WINDOWS\SETB3.tmp
    2009-03-15 14:47:14 ----RA---- C:\WINDOWS\SETB2.tmp
    2009-03-15 14:47:13 ----RA---- C:\WINDOWS\SETB1.tmp
    2009-03-15 14:47:13 ----RA---- C:\WINDOWS\SETB0.tmp
    2009-03-15 14:47:06 ----RA---- C:\WINDOWS\SET7D.tmp
    2009-03-15 14:47:03 ----RA---- C:\WINDOWS\SET71.tmp
    2009-03-15 14:47:01 ----RA---- C:\WINDOWS\SET6E.tmp
    2009-03-15 14:33:29 ----A---- C:\WINDOWS\UPGRADE.TXT
    2009-03-15 14:33:27 ----D---- C:\WINDOWS\setup.pss
    2009-03-15 12:02:07 ----D---- C:\Dokumente und Einstellungen\MIMO\Anwendungsdaten\PC Tools
    2009-03-15 11:58:50 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Tools
    2009-03-15 00:28:06 ----D---- C:\WINDOWS\CD95F661A5C444F5A6AAECDD91C240B7.TMP
    2009-03-15 00:12:23 ----D---- C:\Programme\Windows Live Safety Center
    2009-03-15 00:00:00 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
    2009-03-14 00:36:25 ----A---- C:\WINDOWS\system32\adlaunch32.dll
    2009-03-14 00:36:22 ----A---- C:\WINDOWS\system32\advhost.exe
    2009-03-13 22:24:28 ----D---- C:\Dokumente und Einstellungen\MIMO\Anwendungsdaten\teamspeak2
    2009-03-09 00:07:29 ----A---- C:\WINDOWS\IE7Setup_G_DE.exe
    2009-03-08 08:19:09 ----D---- C:\Programme\AskBarDis
    2009-03-08 08:19:07 ----A---- C:\WINDOWS\system32\msvcr70.dll
    2009-03-08 08:18:59 ----D---- C:\Programme\Gemeinsame Dateien\DVDVideoSoft
    2009-03-08 08:18:58 ----D---- C:\Programme\DVDVideoSoft
    2009-03-07 12:00:48 ----A---- C:\debug.txt
    2009-03-07 12:00:15 ----A---- C:\WINDOWS\system32\c_dll.dll
    2009-02-27 23:10:31 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
     
  6. Part 3
    Code:
    ======List of files/folders modified in the last 1 months======
    
    2009-03-19 21:30:00 ----D---- C:\WINDOWS\Temp
    2009-03-19 21:11:54 ----D---- C:\Programme\Mozilla Firefox
    2009-03-19 18:22:01 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-03-19 17:35:10 ----A---- C:\WINDOWS\DVDIdlePro.INI
    2009-03-19 16:15:29 ----RD---- C:\Programme
    2009-03-19 16:10:31 ----D---- C:\WINDOWS
    2009-03-19 16:10:08 ----D---- C:\WINDOWS\system32
    2009-03-19 16:07:02 ----HD---- C:\WINDOWS\inf
    2009-03-19 16:06:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-03-19 16:06:31 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-03-19 15:52:08 ----D---- C:\WINDOWS\system32\CatRoot
    2009-03-19 13:04:03 ----D---- C:\WINDOWS\system32\drivers
    2009-03-19 13:03:47 ----D---- C:\Programme\Messenger
    2009-03-19 12:52:40 ----SHD---- C:\WINDOWS\Installer
    2009-03-19 12:52:40 ----HD---- C:\Config.Msi
    2009-03-19 12:51:24 ----D---- C:\WINDOWS\Debug
    2009-03-19 12:49:34 ----D---- C:\WINDOWS\system32\Setup
    2009-03-19 12:49:34 ----D---- C:\WINDOWS\AppPatch
    2009-03-19 12:49:33 ----D---- C:\WINDOWS\system32\wbem
    2009-03-19 12:49:32 ----RSD---- C:\WINDOWS\Fonts
    2009-03-19 12:47:07 ----D---- C:\WINDOWS\security
    2009-03-19 12:44:11 ----D---- C:\Programme\Windows Media Player
    2009-03-19 12:44:10 ----D---- C:\WINDOWS\Help
    2009-03-19 12:44:02 ----D---- C:\WINDOWS\ime
    2009-03-19 12:43:49 ----D---- C:\WINDOWS\PeerNet
    2009-03-19 12:43:49 ----D---- C:\Programme\Internet Explorer
    2009-03-19 12:43:48 ----D---- C:\Programme\Movie Maker
    2009-03-19 12:41:36 ----D---- C:\WINDOWS\system32\Restore
    2009-03-19 12:41:36 ----D---- C:\WINDOWS\system32\npp
    2009-03-19 12:41:35 ----D---- C:\WINDOWS\msagent
    2009-03-19 12:41:33 ----D---- C:\WINDOWS\srchasst
    2009-03-19 12:41:33 ----D---- C:\Programme\NetMeeting
    2009-03-19 12:41:31 ----D---- C:\WINDOWS\system32\Com
    2009-03-19 12:41:26 ----D---- C:\Programme\Windows NT
    2009-03-19 12:41:26 ----D---- C:\Programme\Outlook Express
    2009-03-19 12:41:23 ----D---- C:\Programme\Gemeinsame Dateien\System
    2009-03-19 12:41:02 ----D---- C:\WINDOWS\system32\oobe
    2009-03-19 12:41:00 ----D---- C:\WINDOWS\system32\usmt
    2009-03-19 12:40:59 ----D---- C:\WINDOWS\system
    2009-03-19 12:36:37 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-03-19 12:33:07 ----D---- C:\WINDOWS\EHome
    2009-03-19 12:28:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-03-19 12:28:24 ----D---- C:\WINDOWS\Cursors
    2009-03-19 12:11:12 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
    2009-03-19 12:11:05 ----D---- C:\Programme\Gemeinsame Dateien\Adobe
    2009-03-17 23:00:56 ----D---- C:\WINDOWS\SoftwareDistribution
    2009-03-17 20:03:05 ----D---- C:\WINDOWS\system32\1031
    2009-03-17 20:03:02 ----D---- C:\WINDOWS\Media
    2009-03-17 19:58:14 ----D---- C:\WINDOWS\twain_32
    2009-03-17 19:57:07 ----D---- C:\WINDOWS\system32\icsxml
    2009-03-17 19:56:18 ----D---- C:\WINDOWS\system32\1033
    2009-03-17 19:54:40 ----D---- C:\WINDOWS\Driver Cache
    2009-03-17 19:29:24 ----D---- C:\WINDOWS\Registration
    2009-03-17 19:26:19 ----SHD---- C:\System Volume Information
    2009-03-17 19:25:35 ----D---- C:\WINDOWS\system32\config
    2009-03-17 19:23:42 ----D---- C:\WINDOWS\repair
    2009-03-17 19:14:30 ----A---- C:\WINDOWS\ODBCINST.INI
    2009-03-17 19:14:08 ----D---- C:\WINDOWS\system32\ias
    2009-03-17 19:13:40 ----RD---- C:\WINDOWS\Web
    2009-03-17 19:13:30 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
    2009-03-17 19:13:17 ----A---- C:\WINDOWS\win.ini
    2009-03-17 19:11:11 ----SH---- C:\boot.ini
    2009-03-17 19:08:03 ----D---- C:\WINDOWS\AVM_Driver
    2009-03-17 19:07:00 ----A---- C:\WINDOWS\system32\OEMINFO.INI
    2009-03-17 19:06:55 ----A---- C:\WINDOWS\system.ini
    2009-03-17 19:06:47 ----ASH---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini
    2009-03-17 18:46:28 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
    2009-03-17 12:20:50 ----SD---- C:\WINDOWS\Tasks
    2009-03-17 12:13:49 ----D---- C:\WINDOWS\system32\NtmsData
    2009-03-17 11:43:29 ----D---- C:\WINDOWS\WinSxS
    2009-03-17 11:42:55 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-03-17 10:29:23 ----D---- C:\WINDOWS\addins
    2009-03-17 00:25:38 ----D---- C:\WINDOWS\system32\de-de
    2009-03-17 00:25:36 ----D---- C:\Programme\Windows Desktop Search
    2009-03-17 00:24:07 ----HD---- C:\WINDOWS\$hf_mig$
    2009-03-16 14:38:46 ----D---- C:\Programme\Gemeinsame Dateien
    2009-03-16 12:45:21 ----RSD---- C:\WINDOWS\assembly
    2009-03-15 18:15:40 ----SHD---- C:\RECYCLER
    2009-03-15 14:11:14 ----D---- C:\Programme\WarRock
    2009-03-15 13:25:04 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-03-15 00:29:29 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
    2009-03-15 00:12:24 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-03-13 14:54:16 ----D---- C:\Programme\Piri3
    2009-03-13 14:40:35 ----D---- C:\Programme\ICQ6
    2009-03-09 10:01:36 ----SD---- C:\Dokumente und Einstellungen\MIMO\Anwendungsdaten\Microsoft
    2009-03-09 00:26:25 ----D---- C:\WINDOWS\Minidump
    2009-03-08 20:03:13 ----D---- C:\Programme\Google
    2009-03-07 07:26:52 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
    2009-03-07 06:53:07 ----D---- C:\Programme\Microsoft Silverlight
    2009-03-07 00:07:34 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared
    2009-02-25 21:54:59 ----A---- C:\WINDOWS\system32\MRT.exe
    
    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R1 AmdK7;AMD K7-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
    R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-03-17 226832]
    R1 Tcpip6;Microsoft IPv6-Protokolltreiber; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
    R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
    R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\D:\Programme\CyberLink PowerDVD\000.fcl []
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136]
    R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-10-28 44416]
    R3 DTAG;Teledat Fast Ethernet 100 PCI Windows Driver; C:\WINDOWS\system32\DRIVERS\DTAGND51.sys [2002-05-29 38528]
    R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
    R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
    R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-10-28 47360]
    R3 tunmp;Microsoft Tun-Miniportadaptertreiber; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
    R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 VIAudio;VIA AC'97 Audiocontroller (WDM); C:\WINDOWS\system32\drivers\ac97via.sys [2004-08-03 84480]
    S3 avmeject;AVM Eject; C:\WINDOWS\system32\drivers\avmeject.sys [2007-01-26 4352]
    S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
    S3 FWLANUSB;AVM FRITZ!WLAN; C:\WINDOWS\system32\DRIVERS\fwlanusb.sys [2007-01-26 265088]
    S3 kill_mm_0105;kill_mm_0105; \??\C:\DOKUME~1\MIMO\LOKALE~1\Temp\Rar$EX00.103\killmm.dll []
    S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    
    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R2 6to4;IPv6-Hilfsdienst; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 AVP;Kaspersky Internet Security; C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-03-17 206088]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2008-12-07 152984]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Programme\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
    R2 SeaPort;SeaPort; C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
    R2 SNMP;SNMP-Dienst; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
    R3 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
    S2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 DfSdkS;Defragmentation-Service; C:\Programme\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-01-09 410976]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 fsssvc;Windows Live Family Safety; C:\Programme\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
    S3 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-13 182768]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 SNMPTRAP;SNMP-Trap-Dienst; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
    S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-03-07 361728]
    S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
    S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
    
    -----------------EOF-----------------
     
  7. This is part 1

    Code:
    Logfile of random's system information tool 1.05 (written by random/random)
    Run by MIMO at 2009-03-19 21:30:20
    Microsoft Windows XP Home Edition Service Pack 3
    System drive C: has 10 GB (40%) free of 24 GB
    Total RAM: 1023 MB (53% free)
    
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:30:23, on 19.03.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programme\Java\jre6\bin\jusched.exe
    D:\Programme\CyberLink PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
    C:\Programme\Windows Live\Messenger\msnmsgr.exe
    C:\Programme\Java\jre6\bin\jqs.exe
    C:\Programme\CyberLink\Shared Files\RichVideo.exe
    C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
    C:\Programme\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\system32\advhost.exe
    C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\advhost.exe
    C:\Programme\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Programme\Windows Live\Mail\wlmail.exe
    C:\Dokumente und Einstellungen\MIMO\Eigene Dateien\Download\RSIT.exe
    C:\Programme\Trend Micro\HijackThis\MIMO.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe
    O4 - HKLM\..\Run: [RemoteControl] D:\Programme\CyberLink PowerDVD\PDVDServ.exe
    O4 - HKLM\..\Run: [LanguageShortcut] D:\Programme\CyberLink PowerDVD\Language\Language.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
    O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] C:\Programme\Windows Live\Messenger\msnmsgr.exe /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User->LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User->NETZWERKDIENST')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User->SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User->Default user')
    O4 - Global Startup: Microsoft Office OneNote 2003 Schnellstart.lnk = D:\Programme\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
    O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra->Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra->Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
    O9 - Extra->Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
    O9 - Extra->Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programme\Yahoo!\Common\Yinsthelper200711281.dll
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1225186739728
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - AppInit_DLLs: C:\WINDOWS\system32\adlaunch32.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Programme\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    
    --
    End of file - 9006 bytes
    
    ======Scheduled tasks folder======
    
    C:\WINDOWS\tasks\1-Klick-Wartung.job
    
    ======Registry dump======
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
    IEVkbdBHO Class - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-11-11 62728]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Programme\Java\jre6\bin\ssv.dll [2008-12-07 320920]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2008-11-12 251504]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-11-12 657904]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-11-12 522224]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2008-12-07 34816]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Programme\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-07 73728]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
    SingleInstance Class - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2008-11-12 251504]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Programme\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    SunJavaUpdateSched=C:\Programme\Java\jre6\bin\jusched.exe [2008-12-07 136600]
    RemoteControl=D:\Programme\CyberLink PowerDVD\PDVDServ.exe [2006-12-06 69216]
    LanguageShortcut=D:\Programme\CyberLink PowerDVD\Language\Language.exe [2006-12-05 54832]
    NeroFilterCheck=C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [2008-05-28 570664]
    AVP=C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2009-03-17 206088]
    Adobe Reader Speed Launcher=C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}=C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
    swg=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-11-12 39408]
    msnmsgr=C:\Programme\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
    
    C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
    Microsoft Office OneNote 2003 Schnellstart.lnk - D:\Programme\Microsoft Office\OFFICE11\ONENOTEM.EXE
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    AppInit_DLLS=C:\WINDOWS\system32\adlaunch32.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll,C:\PROGRA~1\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    C:\WINDOWS\system32\klogon.dll [2008-11-11 218376]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    {93994DE8-8239-4655-B1D1-5F4E91300429}=D:\PROGRA~1\DVDIDL~1\DVDShell.dll [2004-10-09 49152]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    dontdisplaylastusername=0
    legalnoticecaption=
    legalnoticetext=
    shutdownwithoutlogon=1
    undockwithoutlogon=1
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    NoDriveTypeAutoRun=145
    NoDrives=02FEFF03
    NoRecentDocsNetHood=1
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    HonorAutoRunSetting=
    NoResolveTrack=
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    %windir%\system32\sessmgr.exe=%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    %windir%\Network Diagnostic\xpnetdiag.exe=%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    C:\Programme\Messenger\msmsgs.exe=C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
    C:\Programme\ICQ6\ICQ.exe=C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6
    C:\Programme\Windows Live\Messenger\wlcsdk.exe=C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
    C:\Programme\Windows Live\Sync\WindowsLiveSync.exe=C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync
    C:\Programme\Windows Live\Messenger\msnmsgr.exe=C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    %windir%\system32\sessmgr.exe=%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    %windir%\Network Diagnostic\xpnetdiag.exe=%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    C:\Programme\Windows Live\Messenger\wlcsdk.exe=C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
    C:\Programme\Windows Live\Sync\WindowsLiveSync.exe=C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync
    C:\Programme\Windows Live\Messenger\msnmsgr.exe=C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
    
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb3d2c60-f92c-11dd-8455-0030f17d2379}]
    shell\AutoRun\command - F:\pushinst.exe
     
  8. Oh God!!

    First of all, I am so glad that you read my post and want to help me! Thank you very much for now...

    Unfortunately, I can't tell you what that means either... I only know that I am completely desperate.... my problem is also that I have no idea about PCs at all...

    I very much hope that you can help me. ???

    Regards
     
  9. http://www.wintotal-forum.de/index.php/topic,147847.0.html#post_com
    Run the ComboFix tool according to the instructions. Post the logs in code tags!
     