
Can no longer install any antivirus program

Discussion in 'Sicherheit' started by corinna_1986, May 21, 2009.

Thread Status:
Not open for further replies.
  1. Hello, I hope someone can help me.
    I have a Compaq PC with Windows Vista Home Edition.
    Since yesterday morning my AntiVir no longer works. I can neither open it nor uninstall it. I also cannot install a newer version.
    I then wanted to download a different antivirus program, but it is the same with every one. Spybot does not work either.

    (I ran an online logfile analysis and one file was found to be harmful.) How can I delete it?

    R3 - URLSearchHook: (no name) - - (no file)

    Type: Harmful
    Should be fixed if no (known) program is named in the error message. This entry has been rated as harmful by our visitors.
     
  2. mike_kilo

    mike_kilo Ganzes Gigabyte

  3. Here is the result so far. I will then do the system scan as described.

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by chausladen at 2009-05-21 19:41:48
    Microsoft® Windows Vista™ Home Premium Service Pack 1
    System drive C: has 369 GB (79%) free of 464 GB
    Total RAM: 3060 MB (41% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:41:56, on 21.05.2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\avmwlanstick\WLanGUI.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Users\chausladen\Desktop\Downloads\stinger1001546.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\Explorer.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\chausladen\Desktop\Downloads\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\chausladen.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cndt
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cndt
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cndt
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O2 - BHO: PDF-XChange Viewer IE-Plugin - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
    O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
    O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\wlangui.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
    O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
    O13 - Gopher Prefix:
    O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
    O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files\avmwlanstick\WlanNetService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

    --
    End of file - 8237 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\HPCeeScheduleForchausladen.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
    AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}]
    PDF-XChange Viewer IE-Plugin - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll [2009-03-30 1092888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-02 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
    HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-07-02 1185120]
    {855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
    "hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
    "IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-09-23 150040]
    "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-09-23 178712]
    "Persistence"=C:\Windows\system32\igfxpers.exe [2008-09-23 154136]
    "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
    "UpdateP2GoShortCut"=c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
    "UpdatePDIRShortCut"=c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
    "UpdatePSTShortCut"=c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe [2008-09-11 210216]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-02 148888]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
    "AVMWlanClient"=C:\Program Files\avmwlanstick\wlangui.exe [2006-12-28 1454080]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-06-02 80896]
    "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
    "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-03-03 959976]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
    "HPAdvisor"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2008-10-17 972080]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Users\chausladen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\Windows\system32\igfxdev.dll [2008-09-02 221184]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c979d37-24d0-11de-b8c6-002185c8cf71}]
    shell\AutoRun\command - K:\pushinst.exe


    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2009-05-21 19:41:48 ----D---- C:\rsit
    2009-05-21 19:23:58 ----D---- C:\Program Files\Trend Micro
    2009-05-21 18:14:49 ----A---- C:\Windows\system32\vsutil_loc0407.dll
    2009-05-21 18:14:46 ----A---- C:\Windows\system32\vsregexp.dll
    2009-05-21 18:14:45 ----A---- C:\Windows\system32\zlcommdb.dll
    2009-05-21 18:14:45 ----A---- C:\Windows\system32\zlcomm.dll
    2009-05-21 18:14:42 ----A---- C:\Windows\system32\zpeng24.dll
    2009-05-21 18:14:42 ----A---- C:\Windows\system32\vsxml.dll
    2009-05-21 18:14:42 ----A---- C:\Windows\system32\vswmi.dll
    2009-05-21 18:14:41 ----D---- C:\ProgramData\CheckPoint
    2009-05-21 18:14:41 ----D---- C:\Program Files\Zone Labs
    2009-05-21 18:14:41 ----A---- C:\Windows\system32\vspubapi.dll
    2009-05-21 18:14:41 ----A---- C:\Windows\system32\vsmonapi.dll
    2009-05-21 18:14:40 ----A---- C:\Windows\system32\vsdata.dll
    2009-05-21 18:14:27 ----D---- C:\Windows\LastGood
    2009-05-21 18:14:03 ----D---- C:\Windows\system32\ZoneLabs
    2009-05-21 18:13:24 ----D---- C:\Windows\Internet Logs
    2009-05-21 18:13:24 ----A---- C:\Windows\system32\vsutil.dll
    2009-05-21 18:13:24 ----A---- C:\Windows\system32\vsinit.dll
    2009-05-21 16:46:51 ----D---- C:\Program Files\Common Files\PC Tools
    2009-05-21 16:46:49 ----D---- C:\Users\chausladen\AppData\Roaming\PC Tools
    2009-05-21 16:46:49 ----D---- C:\ProgramData\PC Tools
    2009-05-21 16:46:49 ----D---- C:\Program Files\Spyware Doctor
    2009-05-21 00:02:40 ----D---- C:\Program Files\Panda Security
    2009-05-20 23:31:46 ----A---- C:\Windows\system32\msls31.dll
    2009-05-20 23:31:46 ----A---- C:\Windows\system32\mshtmler.dll
    2009-05-20 23:31:46 ----A---- C:\Windows\system32\mshtmled.dll
    2009-05-20 23:31:46 ----A---- C:\Windows\system32\jsproxy.dll
    2009-05-20 23:31:46 ----A---- C:\Windows\system32\ieui.dll
    2009-05-20 23:31:46 ----A---- C:\Windows\system32\icardie.dll
    2009-05-20 23:31:46 ----A---- C:\Windows\system32\corpol.dll
    2009-05-20 23:31:46 ----A---- C:\Windows\system32\admparse.dll
    2009-05-20 23:31:45 ----A---- C:\Windows\system32\msfeedsbs.dll
    2009-05-20 23:31:45 ----A---- C:\Windows\system32\imgutil.dll
    2009-05-20 23:31:45 ----A---- C:\Windows\system32\iernonce.dll
    2009-05-20 23:31:45 ----A---- C:\Windows\system32\iepeers.dll
    2009-05-20 23:31:45 ----A---- C:\Windows\system32\ieakeng.dll
    2009-05-20 23:31:45 ----A---- C:\Windows\system32\dxtrans.dll
    2009-05-20 23:31:45 ----A---- C:\Windows\system32\dxtmsft.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\WinFXDocObj.exe
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\wextract.exe
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\webcheck.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\pngfilt.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\occache.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\mstime.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\msrating.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\msfeedssync.exe
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\msfeeds.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\licmgr10.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\inseng.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\iesetup.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\ieakui.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\ieaksie.dll
    2009-05-20 23:31:44 ----A---- C:\Windows\system32\advpack.dll
    2009-05-20 23:31:43 ----A---- C:\Windows\system32\vbscript.dll
    2009-05-20 23:31:43 ----A---- C:\Windows\system32\url.dll
    2009-05-20 23:31:43 ----A---- C:\Windows\system32\jscript.dll
    2009-05-20 23:31:43 ----A---- C:\Windows\system32\iedkcs32.dll
    2009-05-20 23:31:43 ----A---- C:\Windows\system32\ieapfltr.dll
    2009-05-20 23:31:42 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
    2009-05-20 23:31:42 ----A---- C:\Windows\system32\SetDepNx.exe
    2009-05-20 23:31:42 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
    2009-05-20 23:31:42 ----A---- C:\Windows\system32\PDMSetup.exe
    2009-05-20 23:31:42 ----A---- C:\Windows\system32\mshta.exe
    2009-05-20 23:31:42 ----A---- C:\Windows\system32\iexpress.exe
    2009-05-20 23:31:42 ----A---- C:\Windows\system32\ieUnatt.exe
    2009-05-20 23:31:42 ----A---- C:\Windows\system32\iesysprep.dll
    2009-05-20 23:31:42 ----A---- C:\Windows\system32\iertutil.dll
    2009-05-20 23:31:42 ----A---- C:\Windows\system32\ie4uinit.exe
    2009-05-20 23:31:41 ----A---- C:\Windows\system32\wininet.dll
    2009-05-20 23:31:41 ----A---- C:\Windows\system32\urlmon.dll
    2009-05-20 23:31:40 ----A---- C:\Windows\system32\mshtml.dll
    2009-05-20 23:31:40 ----A---- C:\Windows\system32\ieframe.dll
    2009-05-20 09:29:17 ----D---- C:\Users\chausladen\AppData\Roaming\Desktopicon
    2009-05-20 09:29:16 ----D---- C:\Program Files\Unlocker
    2009-05-19 19:33:33 ----D---- C:\Program Files\SNAPFISH
    2009-05-10 20:10:01 ----D---- C:\Program Files\ICQ6Toolbar
    2009-05-10 20:09:59 ----D---- C:\ProgramData\ICQ
    2009-05-10 20:09:27 ----D---- C:\Users\chausladen\AppData\Roaming\ICQ
    2009-05-10 20:08:56 ----D---- C:\Program Files\ICQ6.5
    2009-05-06 18:02:22 ----D---- C:\ProgramData\HP Product Assistant
    2009-05-06 17:41:25 ----A---- C:\Windows\system32\hppldcoi.dll
    2009-05-06 17:41:25 ----A---- C:\Windows\system32\hpowiax7.dll
    2009-05-06 17:41:25 ----A---- C:\Windows\system32\hpotscl6.dll
    2009-05-06 17:41:24 ----A---- C:\Windows\system32\hpovst15.dll
    2009-05-02 09:28:06 ----A---- C:\Windows\system32\javaws.exe
    2009-05-02 09:28:06 ----A---- C:\Windows\system32\javaw.exe
    2009-05-02 09:28:06 ----A---- C:\Windows\system32\java.exe
    2009-05-02 09:28:06 ----A---- C:\Windows\system32\deploytk.dll
    2009-04-30 19:38:21 ----D---- C:\Program Files\PhotoFiltrePortable
    2009-04-29 23:05:08 ----D---- C:\ProgramData\hps
    2009-04-29 23:02:43 ----D---- C:\Program Files\dm
    2009-04-25 20:55:08 ----D---- C:\ProgramData\eBay
    2009-04-25 20:55:08 ----D---- C:\Program Files\eBay
    2009-04-25 15:14:15 ----D---- C:\Windows\Downloaded Installations
    2009-04-24 20:55:16 ----D---- C:\Program Files\PhotoScape
    2009-04-22 16:10:37 ----D---- C:\Users\chausladen\AppData\Roaming\Opera
    2009-04-22 16:10:26 ----D---- C:\Program Files\Opera
    2009-04-22 12:59:36 ----D---- C:\Program Files\Tracker Software

    ======List of files/folders modified in the last 1 months======

    2009-05-21 19:41:56 ----D---- C:\Windows\Prefetch
    2009-05-21 19:41:44 ----D---- C:\Windows\Temp
    2009-05-21 19:23:58 ----RD---- C:\Program Files
    2009-05-21 19:16:16 ----AD---- C:\ProgramData\Temp
    2009-05-21 18:23:08 ----SHD---- C:\System Volume Information
    2009-05-21 18:14:50 ----D---- C:\Windows\System32
    2009-05-21 18:14:41 ----HD---- C:\ProgramData
    2009-05-21 18:14:32 ----D---- C:\Windows\system32\drivers
    2009-05-21 18:14:28 ----D---- C:\Windows\system32\catroot
    2009-05-21 18:14:27 ----D---- C:\Windows\inf
    2009-05-21 18:14:27 ----D---- C:\Windows
    2009-05-21 17:45:25 ----D---- C:\Windows\system32\Tasks
    2009-05-21 16:46:51 ----D---- C:\Program Files\Common Files
    2009-05-21 10:36:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-05-21 09:43:59 ----D---- C:\Windows\Debug
    2009-05-20 23:51:42 ----D---- C:\Windows\rescache
    2009-05-20 23:33:59 ----D---- C:\Windows\system32\de-DE
    2009-05-20 23:33:59 ----D---- C:\Program Files\Internet Explorer
    2009-05-20 23:33:58 ----D---- C:\Windows\system32\migration
    2009-05-20 23:33:58 ----D---- C:\Windows\system32\en-US
    2009-05-20 23:33:58 ----D---- C:\Windows\PolicyDefinitions
    2009-05-20 23:33:30 ----D---- C:\Windows\winsxs
    2009-05-20 23:32:08 ----D---- C:\Windows\system32\catroot2
    2009-05-20 23:31:30 ----D---- C:\Windows\SoftwareDistribution
    2009-05-20 23:16:56 ----D---- C:\Program Files\SMINST
    2009-05-20 23:14:01 ----D---- C:\ProgramData\eMule
    2009-05-20 18:08:18 ----SHD---- C:\Windows\Installer
    2009-05-20 18:08:18 ----HD---- C:\Config.Msi
    2009-05-20 10:25:26 ----D---- C:\Windows\system32\wbem
    2009-05-20 10:22:39 ----D---- C:\Windows\Tasks
    2009-05-20 10:22:39 ----D---- C:\Windows\system32\spool
    2009-05-20 10:22:39 ----D---- C:\Windows\registration
    2009-05-20 10:22:39 ----D---- C:\Users\chausladen\AppData\Roaming\IrfanView
    2009-05-20 10:08:17 ----D---- C:\Windows\Logs
    2009-05-16 12:31:34 ----D---- C:\Windows\system32\LogFiles
    2009-05-13 22:16:34 ----D---- C:\Program Files\Windows Mail
    2009-05-13 19:41:43 ----SD---- C:\ProgramData\Microsoft
    2009-05-10 20:20:01 ----D---- C:\Program Files\Mozilla Firefox
    2009-05-10 20:10:00 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
    2009-05-06 18:15:40 ----A---- C:\Windows\win.ini
    2009-05-06 18:02:22 ----D---- C:\ProgramData\HP
    2009-05-06 18:00:52 ----D---- C:\Windows\twain_32
    2009-05-02 09:27:48 ----D---- C:\Program Files\Java
    2009-04-29 22:14:49 ----SD---- C:\Users\chausladen\AppData\Roaming\Microsoft
    2009-04-25 22:14:25 ----D---- C:\Windows\system32\WDI
    2009-04-25 15:14:14 ----D---- C:\Program Files\Common Files\InstallShield
    2009-04-23 21:57:40 ----D---- C:\Users\chausladen\AppData\Roaming\HP
    2009-04-22 16:11:36 ----D---- C:\Windows\Minidump
    2009-04-22 16:05:47 ----SD---- C:\Windows\Downloaded Program Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
    R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-04-27 96104]
    R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
    R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2008-03-03 279440]
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-04-27 55640]
    R3 Dot4;MS IEEE-1284.4-Treiber; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
    R3 Dot4Print;Druckerklassentreiber für IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
    R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-09-02 2472448]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-24 2171672]
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
    R3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
    S3 avmeject;AVM Eject; C:\Windows\system32\drivers\avmeject.sys [2006-12-28 4352]
    S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 FWLANUSB;AVM FRITZ!WLAN; C:\Windows\system32\DRIVERS\fwlanusb.sys [2007-01-26 265088]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [2008-09-10 20640]
    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AVM WLAN Connection Service;AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [2006-12-28 356352]
    R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
    R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-08-22 73728]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-03-03 79400]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-06 165416]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-01-07 348752]
    S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-21 1095560]
    S4 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-27 108289]
    S4 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]

    -----------------EOF-----------------
     
  4. Here is the MBAM log file.

    No malicious objects were found.
     


  5. mike_kilo

    mike_kilo Ganzes Gigabyte

    Next time as an attachment, please.
    Switch off ZoneAlarm's TrueVector service (as a test).
    Code:
     R3 - URLSearchHook: (no name) - - (no file)
    Seems to come from ICQ.
    Fix it >>
    > http://virus-protect.org/hjtkurz.html
     
  6. Sorry, but what is a TrueVector service?
     
  7. I keep getting this error message:
    ---------------------------
    HijackThis
    ---------------------------
    For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.

    If that happens, you need to edit the file yourself. To do this, click Start, Run and type:

    notepad C:\Windows\System32\drivers\etc\hosts

    and press Enter. Find the line(s) HijackThis reports and delete them. Save the file as 'hosts.' (with quotes), and reboot.

    For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose 'Run as administrator'.
    ---------------------------
    OK
    ---------------------------
     
  8. deoroller

    deoroller Wandelndes Forum

    You have to start HijackThis with admin rights.
    Right-click HijackThis -> start with admin rights
     
  9. TheD0CT0R

    TheD0CT0R Dr. h.c. Mod

    The program is telling you what you have to do. Right-click HijackThis.exe and click "Als Administrator ausführen" (Run as administrator).
     
  10. OK, I have now gone through everything so far and have just restarted.

    Sorry, I am not as good at English as you are :)
     
  11. mike_kilo

    mike_kilo Ganzes Gigabyte

    The "True Vector Internet Monitor" system service from ZoneAlarm can be disabled in the Windows service manager.
    Right-click Computer (Arbeitsplatz) > Services.....
    If that has no effect, TrueVector is quite stubborn:
    > Start / Run / MSCONFIG (Enter)
    Tab: Startup (Systemstart) >> zlclient
    Tab: Services (Dienste) >> TrueVector...
    .. and finally restart!
    Optionally try it in Safe Mode (boot into safe mode) with <F8>.
    Press F8 several times directly after the BIOS POST messages.....
    If you have Spybot installed, disable it as a test as well.
    Remember the admin rights!
    btw:
    Multiple security tools get in each other's way. They all reach deep into the system.
    Basically the router firewall and one virus scanner are enough, well, and a bit of "Brain.exe".
    I would think about uninstalling the surplus tools.
    Too many cooks spoil the broth!
     
    Last edited: May 21, 2009
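
Added example (not part of the original thread, and not code from HijackThis or RSIT): a small Python triage of the two log formats posted in post 3. It lists HijackThis entries ending in "(no file)", as discussed in post 5, and uses the RSIT legend (4=Disabled) to show which security products have resident components and disabled services, which relates to post 11's remark about several security tools running side by side. The product path fragments and all function names are assumptions made for this example; the sample lines are copied from the log in this thread.

```python
import re
from collections import defaultdict

# Assumption for this example: install-path fragments (lower case) used to
# recognise the security products that appear in this thread's log.
SECURITY_PRODUCTS = {
    "Avira AntiVir": (r"\avira\antivir desktop",),
    "ZoneAlarm": (r"\zone labs", r"\zonelabs"),
    "Spyware Doctor": (r"\spyware doctor",),
    "Windows Defender": (r"\windows defender",),
}

# HijackThis entry: "<section code> - <body>", e.g. "R3 - URLSearchHook: ..."
HJT_RE = re.compile(r"^(R[0-3]|O\d{1,2}) - (.+)$")
# RSIT driver/service entry: "<R|S><start type> name;display; path [date size]"
SVC_RE = re.compile(
    r"^([RS])([0-4]) ([^;]+);([^;]*); ?(.+?) \[\d{4}-\d{2}-\d{2} \d+\]$"
)

# Excerpt copied from the log posted in this thread (post 3).
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-03-03 79400]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-21 1095560]
S4 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-27 108289]
S4 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
"""


def product_for(text):
    """Return the security product whose path fragment occurs in text, or None."""
    low = text.lower()
    for product, fragments in SECURITY_PRODUCTS.items():
        if any(fragment in low for fragment in fragments):
            return product
    return None


def triage(log_text):
    """Summarise orphaned HijackThis entries and security-product components."""
    orphaned = []              # HijackThis entries that point at no file
    disabled = []              # (product, service name) with start type 4
    resident = defaultdict(set)  # product -> kinds of autostart components
    section = None             # current RSIT list: "driver" or "service"

    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("======"):
            if "drivers" in line:
                section = "driver"
            elif "services" in line:
                section = "service"
            else:
                section = None
            continue

        hjt = HJT_RE.match(line)
        if hjt:
            code, body = hjt.groups()
            if body.endswith("(no file)"):
                orphaned.append((code, body))
            # O4 = autostart entries, O23 = services in HijackThis output
            if code in ("O4", "O23"):
                product = product_for(body)
                if product:
                    resident[product].add(code)
            continue

        svc = SVC_RE.match(line)
        if svc and section:
            _state, start, name, _display, path = svc.groups()
            product = product_for(path)
            if product:
                resident[product].add(section)
                if start == "4":  # 4=Disabled per the RSIT legend
                    disabled.append((product, name))

    return {
        "orphaned": orphaned,
        "disabled_security": disabled,
        "resident": {p: sorted(kinds) for p, kinds in resident.items()},
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for code, body in report["orphaned"]:
        print(f"orphaned entry: {code} - {body}")
    for product, name in report["disabled_security"]:
        print(f"disabled security service: {name} ({product})")
    for product, kinds in report["resident"].items():
        print(f"{product}: {', '.join(kinds)}")
```

On the excerpt it reports the R3 URLSearchHook entry, both Avira services with start type 4 (Disabled), and four security products with resident components.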