Virus forum: viruses, dialers, trojans, spyware etc.
#1

Successfully registered
Registered since: 12.02.2010
Posts: 23

I seem to have caught some malware or spamware (possibly through an Adobe Flash download).
It calls itself "Win 7 total Security". It runs some kind of confused "scan" and blocks all internet browsers. However, only on my user account. How do I get rid of this thing? Thanks in advance for your help.
#2

Premium member
Registered since: 10.03.2005
Location: Engelberg (CH)
Posts: 5,748

__________________
Regards, Lassiter "Questions and problems concerning forum topics are not answered by PM, thanks."
#3

Successfully registered
Registered since: 12.02.2010
Posts: 23

Thanks!
Here is the log file
#4

Successfully registered
Registered since: 12.02.2010
Posts: 23

And here is the info:
Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart All-In-One Driver Software 13.0 Rel. A-->C:\Program Files\HP\Digital Imaging\{17016DA1-F040-4032-BD36-34DD317BC9D5}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot HP Smart Web Printing 4.51-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat HP Solution Center 13.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4} ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A} Launch Manager-->C:\Windows\UNINST32.EXE LManager.UNI Magic Farm-->"C:\Program Files\Acer GameZone\Magic Farm\Uninstall.exe" "C:\Program Files\Acer GameZone\Magic Farm\install.log" Magic Match Adventures-->"C:\Program Files\Acer GameZone\Magic Match Adventures\Uninstall.exe" "C:\Program Files\Acer GameZone\Magic Match Adventures\install.log" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE} Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE} Microsoft Office 
InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE} Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE} Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE} Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE} Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE} Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE} Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200} Microsoft Works-->MsiExec.exe /I{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3} Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe 
/I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Mystery Solitaire - Secret Island-->"C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Solitaire - Secret Island\install.log" Mythic Mahjong-->"C:\Program Files\Acer GameZone\Mythic Mahjong\Uninstall.exe" "C:\Program Files\Acer GameZone\Mythic Mahjong\install.log" NHL 2004-->C:\Program Files\EA SPORTS\NHL 2004\EAUninstall.exe Nokia Connectivity Cable Driver-->MsiExec.exe /I{1B9B5B3B-28E7-4E59-A80D-D670AA984514} Nokia Map Loader-->MsiExec.exe /I{45D4F727-43B5-49CD-B474-B9866A8F4FB8} Nokia PC Suite-->C:\ProgramData\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_ger_web.exe Nokia PC Suite-->MsiExec.exe /I{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E} NTI Backup Now 5-->C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x0407 NTI Media Maker 8-->C:\Program Files\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x0407 Nuvoton EC Generic HID Driver-->MsiExec.exe /I{302E9B7B-2B6A-4C29-9A02-9F2110649779} Nuvoton EC Generic HID Driver-->MsiExec.exe /I{92975DF9-EA36-4F36-A9AC-D412BC1D709E} OCR Software by I.R.I.S. 
13.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat Orion-->MsiExec.exe /X{5B63A470-9334-44D1-AF61-6CE2DB565AE9} PC Connectivity Solution-->MsiExec.exe /I{089DD780-DB3F-4CDB-A0C2-111360247298} PhotoNow!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" -uninstall Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetu p "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\Setup.exe -runfromtemp -l0x0007 -removeonly Remove Grundwortschatz- und Transfertraining 1-->c:\Programme\GUT1MM\unstall.exe Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748} Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004} Suunto Monitor-->"C:\Program Files\Suunto Monitor\unins000.exe" Suunto Sports Instrument Drivers-->C:\Windows\system32\suuntoun.exe C:\Windows\system32\sntun2k.ini Suunto Training Manager-->"C:\Program Files\Suunto Training Manager\unins000.exe" Suunto USB Drive-->"C:\Windows\unins000.exe" Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TerraTec Home Cinema-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetu p "C:\Program Files\InstallShield Installation Information\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\setup.exe" -l0x7 The Rise of Atlantis-->"C:\Program Files\Acer GameZone\The Rise of 
Atlantis\Uninstall.exe" "C:\Program Files\Acer GameZone\The Rise of Atlantis\install.log" Tiks Texas Hold em-->"C:\Program Files\Acer GameZone\Tiks Texas Hold em\Uninstall.exe" "C:\Program Files\Acer GameZone\Tiks Texas Hold em\install.log" UEFA EURO 2004-->C:\Program Files\EA SPORTS\UEFA EURO 2004\EAUninstall.exe Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe" Upgrade Kit-->"C:\Program Files\InstallShield Installation Information\{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}\setup.exe" -runfromtemp -l0x0007 -removeonly Windows 7 Upgrade Advisor-->MsiExec.exe /I{F722E488-A5B5-47ff-AA9B-4DE6CE7914CA} Windows Live Anmelde-Assistent-->MsiExec.exe /I{B5BCBD49-202F-4238-8398-D83D423A48B4} Windows Live Call-->MsiExec.exe /I{835686C5-8650-49EB-8CA0-4528B4035495} Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B} Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{DF5F687F-8018-4542-9F98-7084E9022917} Windows Live Fotogalerie-->MsiExec.exe /X{6B96DADA-1A27-4A04-8CB2-CC45168D05FA} Windows Live Mail-->MsiExec.exe /I{5A166C0B-9557-4364-A057-F946D674E6AC} Windows Live Messenger-->MsiExec.exe /X{837B6259-6FF5-4E66-87C1-A5A15ED36FF4} Windows Live Sync-->MsiExec.exe /X{8C1E2925-14F8-45AA-B999-1E2A74BF5607} Windows Live Writer-->MsiExec.exe /X{81821BF8-DA20-4F8C-AA87-F70A274828D4} Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows-Treiberpaket - Nokia Modem (06/09/2010 4.5)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_x86_neutral_4 afe3236e50779fa\nokia_bluetooth.inf Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_x86_neutral_fe4babbc 84a3ec95\nokbtmdm.inf Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 
7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\p ccsmcfd.inf ======Hosts File====== 0.0.0.0 gameduell.de 0.0.0.0 Online Spiele und Online Games kostenlos - GameDuell 0.0.0.0 gameduell.com 0.0.0.0 Online Games and Free Online Games - GameDuell 0.0.0.0 www1.gameduell.de 0.0.0.0 www2.gameduell.de 0.0.0.0 www3.gameduell.de 0.0.0.0 www4.gameduell.de 0.0.0.0 www5.gameduell.de 0.0.0.0 www6.gameduell.de ======System event log====== Computer Name: AcerLaptop Event Code: 7036 Message: Dienst "Diagnoserichtliniendienst" befindet sich jetzt im Status "Beendet". Record Number: 350698 Source Name: Service Control Manager Time Written: 20110221063246.792117-000 Event Type: Informationen User: Computer Name: AcerLaptop Event Code: 7036 Message: Dienst "Extensible Authentication-Protokoll" befindet sich jetzt im Status "Beendet". Record Number: 350697 Source Name: Service Control Manager Time Written: 20110221063246.792117-000 Event Type: Informationen User: Computer Name: AcerLaptop Event Code: 7036 Message: Dienst "Diagnosesystemhost" befindet sich jetzt im Status "Beendet". Record Number: 350696 Source Name: Service Control Manager Time Written: 20110221063246.776517-000 Event Type: Informationen User: Computer Name: AcerLaptop Event Code: 7036 Message: Dienst "Empowering Technology Service" befindet sich jetzt im Status "Beendet". Record Number: 350695 Source Name: Service Control Manager Time Written: 20110221063246.776517-000 Event Type: Informationen User: Computer Name: AcerLaptop Event Code: 7036 Message: Dienst "Avira AntiVir MailGuard" befindet sich jetzt im Status "Beendet". 
Record Number: 350694 Source Name: Service Control Manager Time Written: 20110221063246.776517-000 Event Type: Informationen User: =====Application event log===== Computer Name: AcerLaptop Event Code: 302 Message: Windows (3216) Windows: Das Datenbankmodul hat erfolgreich die Schritte zur Wiederherstellung abgeschlossen. Record Number: 37124 Source Name: ESENT Time Written: 20101010063743.000000-000 Event Type: Informationen User: Computer Name: AcerLaptop Event Code: 0 Message: Record Number: 37123 Source Name: AVerScheduleService Time Written: 20101010063743.000000-000 Event Type: Informationen User: Computer Name: AcerLaptop Event Code: 301 Message: Windows (3216) Windows: Das Datenbankmodul gibt die Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log wieder. Record Number: 37122 Source Name: ESENT Time Written: 20101010063743.000000-000 Event Type: Informationen User: Computer Name: AcerLaptop Event Code: 300 Message: Windows (3216) Windows: Das Datenbankmodul initiiert Schritte zur Wiederherstellung. Record Number: 37121 Source Name: ESENT Time Written: 20101010063743.000000-000 Event Type: Informationen User: Computer Name: AcerLaptop Event Code: 102 Message: Windows (3216) Windows: Das Datenbankmodul (6.01.7600.0000) hat eine neue Instanz gestartet (0). Record Number: 37120 Source Name: ESENT Time Written: 20101010063743.000000-000 Event Type: Informationen User: =====Security event log===== Computer Name: AcerLaptop Event Code: 5061 Message: Kryptografievorgang. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: ACERLAPTOP$ Kontodomäne: WORKGROUP Anmelde-ID: 0x3e7 Kryptografische Parameter: Anbietername: Microsoft Software Key Storage Provider Algorithmusname: RSA Schlüsselname: {5546EAD8-5A0B-4133-9366-5D062E6EFAF5} Schlüsseltyp: Computerschlüssel. Kryptografischer Vorgang: Vorgang: Schlüssel öffnen. 
Rückgabecode: 0x0 Record Number: 45394 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20101111163929.016391-000 Event Type: Überwachung erfolgreich User: Computer Name: AcerLaptop Event Code: 5058 Message: Schlüsseldateivorgang. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: ACERLAPTOP$ Kontodomäne: WORKGROUP Anmelde-ID: 0x3e7 Kryptografische Parameter: Anbietername: Microsoft Software Key Storage Provider Algorithmusname: Nicht verfügbar. Schlüsselname: {5546EAD8-5A0B-4133-9366-5D062E6EFAF5} Schlüsseltyp: Computerschlüssel. Informationen zum Schlüsseldateivorgang: Dateipfad: C:\ProgramData\Microsoft\Crypto\Keys\43214e81fdf41471d929af964ec675b1_2bcd97f6-dc82-4eb2-9e24-bc1efc9276fc Vorgang: Persistenten Schlüssel aus Datei lesen. Rückgabecode: 0x0 Record Number: 45393 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20101111163929.016391-000 Event Type: Überwachung erfolgreich User: Computer Name: AcerLaptop Event Code: 5061 Message: Kryptografievorgang. Antragsteller: Sicherheits-ID: S-1-5-19 Kontoname: LOKALER DIENST Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x3e5 Kryptografische Parameter: Anbietername: Microsoft Software Key Storage Provider Algorithmusname: RSA Schlüsselname: c72f38e8-4239-4efe-8a58-c2ea10d9ff0e Schlüsseltyp: Computerschlüssel. Kryptografischer Vorgang: Vorgang: Schlüssel öffnen. Rückgabecode: 0x0 Record Number: 45392 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20101111163918.188972-000 Event Type: Überwachung erfolgreich User: Computer Name: AcerLaptop Event Code: 5058 Message: Schlüsseldateivorgang. Antragsteller: Sicherheits-ID: S-1-5-19 Kontoname: LOKALER DIENST Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x3e5 Kryptografische Parameter: Anbietername: Microsoft Software Key Storage Provider Algorithmusname: Nicht verfügbar. Schlüsselname: c72f38e8-4239-4efe-8a58-c2ea10d9ff0e Schlüsseltyp: Computerschlüssel. 
Informationen zum Schlüsseldateivorgang: Dateipfad: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8da0260a7f8dbaaec2588286b0ba6258 _2bcd97f6-dc82-4eb2-9e24-bc1efc9276fc Vorgang: Persistenten Schlüssel aus Datei lesen. Rückgabecode: 0x0 Record Number: 45391 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20101111163918.188972-000 Event Type: Überwachung erfolgreich User: Computer Name: AcerLaptop Event Code: 4672 Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: SYSTEM Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x3e7 Berechtigungen: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 45390 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20101111163901.278542-000 Event Type: Überwachung erfolgreich User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=170a "DFSTRACINGON"=FALSE "NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Progr am Files\NewTech Infosystems\NTI Backup Now 5\; "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Progr am Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Acer\Empowering Technology\eDataSecurity;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering 
Technology\eDataSecurity\x64;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0 "Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat -----------------EOF----------------- |

#5 (direct link)
Successfully registered
Registered since: 12.02.2010
Posts: 23
AVIRA found nothing in the full scan.
Malwarebytes wrote this to the log:

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Database version: 6512

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

05.05.2011 16:29:33
mbam-log-2011-05-05 (16-29-33).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 519593
Time elapsed: 2 hour(s), 13 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Volkmar\AppData\Local\epw.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe") Good: (firefox.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Volkmar\AppData\Local\epw.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Users\Volkmar\AppData\Local\epw.exe" -a "C:\Program Files\Internet Explorer\IEXPLORE.EXE") Good: (iexplore.exe) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Volkmar\office07_keygen.exe (RiskWare.Tool.CK) -> Not selected for removal.
c:\Users\Volkmar\AppData\Local\epw.exe (Trojan.FakeMS) -> Not selected for removal.
c:\Users\Volkmar\AppData\Local\xls.exe (Trojan.FakeMS) -> Not selected for removal.
c:\Users\Volkmar\Desktop\dateien aus pc\pc dateien gemeinsame\eigene bilder\kommunion lukas\IMG_0479.JPG (Extension.Mismatch) -> Not selected for removal.
c:\$RECYCLE.BIN\s-1-5-21-3310076213-3621745174-2152248190-1000\$RYD1SUZ.exe (Trojan.FakeMS) -> Not selected for removal.

#6 (direct link)
Super-Moderator
Registered since: 08.02.2010
Posts: 1.728
Hello,

c:\Users\Volkmar\Desktop\dateien aus pc\pc dateien gemeinsame\eigene bilder\kommunion lukas\IMG_0479.JPG (Extension.Mismatch) -> Not selected for removal.
c:\$RECYCLE.BIN\s-1-5-21-3310076213-3621745174-2152248190-1000\$RYD1SUZ.exe (Trojan.FakeMS) -> Not selected for removal.

Why don't you delete the findings? Run an update and repeat the scan; this time, delete all findings. Post the result.
__________________
Regards, Leo

#7 (direct link)
Premium member
Registered since: 10.03.2005
Location: Engelberg (CH)
Posts: 5.748
Hello,
The best thing is to reset the hosts file to its default settings once. Follow the instructions below, but read everything through carefully first. You can do it manually or automatically.
How to reset the hosts file to the default setting
__________________
Regards, Lassiter "Questions and problems about forum topics will not be answered by PM, thank you."

#8 (direct link)
Successfully registered
Registered since: 12.02.2010
Posts: 23
I have reset the hosts file to default.
Malwarebytes found nothing more. But one more question: I had blocked a website. After the reset, that block is gone again. I tried to open the hosts file to enter it again, but there is only a host.old file, which I cannot open. How can I enter this site in the hosts file again to block it? Thanks in advance.

#9 (direct link)
Premium member
Registered since: 10.03.2005
Location: Engelberg (CH)
Posts: 5.748
Hello,
Please create another HijackThis log.
__________________
Regards, Lassiter "Questions and problems about forum topics will not be answered by PM, thank you."

#10 (direct link)
Successfully registered
Registered since: 12.02.2010
Posts: 23
Here you go
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:53:06, on 10.05.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal

#11 (Direct link)
Successfully registered
Registered since: 12.02.2010
Posts: 23

My question once again:
I had blocked a site in the hosts file. That block no longer works. I entered it again exactly as before, but it no longer works. How can I block this site again? Instructions would be good. Did resetting to the defaults change something so that I can no longer block the site in the hosts file? I would really need help here. Thanks!

#12 (Direct link)
Super Moderator
Registered since: 08.02.2010
Posts: 1,728

__________________
Regards, Leo

#13 (Direct link)
Successfully registered
Registered since: 12.02.2010
Posts: 23

Quote:
I did it that way, but the site I want to block still opens. I don't get it. It was blocked before, after all. And when I do the same thing now, nothing happens at all. The hosts file looks exactly the way I had entered it before.

#14 (Direct link)
Super Moderator
Registered since: 08.02.2010
Posts: 1,728

What kind of website is that? Why should it be blocked?
Quote:
c:\Users\*****\office07_keygen.exe (RiskWare.Tool.CK)
__________________
Regards, Leo

#15 (Direct link)
Successfully registered
Registered since: 12.02.2010
Posts: 23

It can't be the "office 07", since it has been running on 2 computers for about 2 years without causing problems. The problem appeared after I started the download for Adobe Flash.
The site to be blocked is a gaming site, since my wife easily gambles away 300 - 400 € a month there. So it is really a family-protection measure.