Win XP: Fehlermeldung beim Installieren: RegCreateKeyEx failed; code 1019

Hallo und Willkommen auf Computerhilfen 

Diese Datei sollte Malware sein, deswegen lade die auf http://virustotal.com hoch und poste dass Ergebnis hier:

C:\WINDOWS\SYSTEM32\ddcAttQg.dll

 

danke für die schnelle antwort

Antivirus Version Last Update Result
AhnLab-V3 2008.6.11.0 2008.06.10 -
AntiVir 7.8.0.55 2008.06.10 TR/Monder.30208.2
Authentium 5.1.0.4 2008.06.10 -
Avast 4.8.1195.0 2008.06.10 -
AVG 7.5.0.516 2008.06.10 Generic10.ALKV
BitDefender 7.2 2008.06.10 Trojan.Vundo.ESO
CAT-QuickHeal 9.50 2008.06.10 -
ClamAV 0.92.1 2008.06.10 -
DrWeb 4.44.0.09170 2008.06.10 -
eSafe 7.0.15.0 2008.06.10 -
eTrust-Vet 31.6.5862 2008.06.10 -
Ewido 4.0 2008.06.10 -
F-Prot 4.4.4.56 2008.06.10 W32/Virtumonde.P.gen!Eldorado
F-Secure 6.70.13260.0 2008.06.10 Trojan.Win32.Monder.gen
Fortinet 3.14.0.0 2008.06.10 -
GData 2.0.7306.1023 2008.06.10 Trojan.Win32.Monder.gen
Ikarus T3.1.1.26.0 2008.06.10 Trojan.Win32.Vundo.GX
Kaspersky 7.0.0.125 2008.06.10 Trojan.Win32.Monder.gen
McAfee 5314 2008.06.10 -
Microsoft 1.3604 2008.06.10 Trojan:Win32/Vundo.gen!C
NOD32v2 3173 2008.06.10 -
Norman 5.80.02 2008.06.10 -
Panda 9.0.0.4 2008.06.09 Suspicious file
Prevx1 V2 2008.06.10 Fraudulent Security Program
Rising 20.48.12.00 2008.06.10 -
Sophos 4.30.0 2008.06.10 -
Sunbelt 3.0.1145.1 2008.06.05 -
Symantec 10 2008.06.10 Trojan.Vundo
TheHacker 6.2.92.341 2008.06.10 -
VBA32 3.12.6.7 2008.06.10 -
VirusBuster 4.3.26:9 2008.06.10 -
Webwasher-Gateway 6.6.2 2008.06.10 Trojan.Monder.30208.2
Additional information
File size: 30208 bytes
MD5...: de74a4ff8489ecfb0de4431e2170d272
SHA1..: c5ba90a97d055a865e61aed3b904017b353ac339
SHA256: f9296ef5e56bba183a578f4ce4b1da2c4227a259c20a91364057ec8dba7cd854
SHA512: 63e252b5d9651ff379d5effa42f9c4709a6c3725981ddb5262ab69c825083bb0
89583f7104c3f9d2296fd1f1d2a6e8d31c584f61863fcd257999e5f65dc42b59
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x100121d0
timedatestamp.....: 0x47f5d6a6 (Fri Apr 04 07:20:06 2008)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0xb000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0xc000 0x7000 0x6e00 7.94 f9b36a8109cedd1eebee02ff9483e503
.rsrc 0x13000 0x1000 0x400 2.36 cc7639d2c440b32670dccdf12281c90f

( 3 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree
> ole32.dll: CoGetObject
> user32.dll: GetMenu

( 0 exports )
 
packers (Kaspersky): UPX
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=D97614960002336776DF00EA9E8881008FAB0317
packers (F-Prot): UPX_LZMA
 

Wie vermutet Vundo.

Lade dir bitte Malwarebytes runter und mache einen Scan, poste den Report anschließend hier:

Malwarebytes:
http://www.trojaner-board.de/51187-anleitung-malwarebytes-anti-malware.html

 

kann malwarebytes nicht installieren, da kommt wieder die fehlermeldung

Dann versuche es so, öffne Hijackthis und fixxe damit folgende Einträge:

O2 - BHO: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O2 - BHO: (no name) - {A0B4FFEA-D466-49A8-9BB0-B7BBD2FCB449} - C:\WINDOWS\system32\ddcAttQg.dll
O2 - BHO: (no name) - {B96E8541-E01E-4B2E-918F-1BE3E4BC2BB3} - (no file)
O2 - BHO: (no name) - {DB7664EC-D944-4FA7-B6DA-01C2E962B7FA} - (no file)
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O20 - Winlogon Notify: byxxutq - byxxutq.dll (file missing)
O20 - Winlogon Notify: ddcAttQg - C:\WINDOWS\SYSTEM32\ddcAttQg.dll

Wenn es danach immer noch nicht klappt melde dich.

geht immernoch nicht...

Versuche mal ob killbox klappt.

wähle damit die Datei aus und lass sie löschen. (delete on reboot)

Mache einen neustart und versuche es erneut.

bin gesten nicht mehr dazu gekommen des zu machen. hab heute nochmal versucht die einträge in hijackthis zu löschen, hat auch geklappt und malwarebytes installieren auch. seit heute kommt ne warnmeldung vom teatimer (spybot s&d): browser helper object, key added, {4269E0A0-44C1-40DB-B291-DA13BDEB5D2}
hab die änderung schon paar mal verweigert, es kommt aber trotzdem immer wieder


Malwarebytes' Anti-Malware 1.17
Database version: 846

14:47:35 11/06/2008
mbam-log-6-11-2008 (14-47-29).txt

Scan type: Quick Scan
Objects scanned: 43808
Time elapsed: 11 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 12
Registry Values Infected: 3
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 8

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\bbitllsh.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\hgGwXnKB.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ddcAttQg.dll (Trojan.Vundo) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4269e0a0-44c1-40db-b291-da1d3bdeb5d2} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4269e0a0-44c1-40db-b291-da1d3bdeb5d2} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b96e8541-e01e-4b2e-918f-1be3e4bc2bb3} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a0b4ffea-d466-49a8-9bb0-b7bbd2fcb449} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a0b4ffea-d466-49a8-9bb0-b7bbd2fcb449} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddcattqg (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\sgoblxtm.bebp (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\sgoblxtm.toolbar.1 (Trojan.FakeAlert) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{b96e8541-e01e-4b2e-918f-1be3e4bc2bb3} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BM1e3dd7d3 (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{a0b4ffea-d466-49a8-9bb0-b7bbd2fcb449} (Trojan.Vundo) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwxnkb -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggwxnkb  -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\bbitllsh.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\hslltibb.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\hgGwXnKB.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\BKnXwGgh.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\BKnXwGgh.ini2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\whwvsdlk.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ddcAttQg.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> No action taken.

Hallo deaktiviere bitte den Tea Timer, der erschwert dass Arbeiten!!

Fixxe dazu diesen Eintrag:
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe

Lasse danach von Malwarebytes alle Funde löschen!

Und mache einen neustart.

Danach poste ein neues Hijackthis Logfile und mache einen neuen Scan mit Malwarebytes. 

Malwarebytes' Anti-Malware 1.17
Database version: 846

15:21:05 11/06/2008
mbam-log-6-11-2008 (15-21-05).txt

Scan type: Quick Scan
Objects scanned: 43113
Time elapsed: 5 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\hgGwXnKB.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\BKnXwGgh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\BKnXwGgh.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:28:35, on 11/06/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe
d:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Programme\TaskSwitchXP\TaskSwitchXP.exe
C:\Programme\Launch Manager\LManager.exe
C:\Programme\Realtek\InstallShield\RTHDCPL.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Programme\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
C:\Dokumente und Einstellungen\Sabina ~\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.computerhilfen.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02762517-108D-4BDB-8E7F-762320F129D6} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {3D4841BF-3A79-4CFC-BFC6-5B8F3266AB17} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {DB7664EC-D944-4FA7-B6DA-01C2E962B7FA} - (no file)
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programme\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Programme\eSnips\SnipBar.dll
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] d:\Programme\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [avgnt] C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
O4 - HKCU\..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe
O4 - HKCU\..\Run: [RTHDCPL] C:\Programme\Realtek\InstallShield\RTHDCPL.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
O4 - Global Startup: Ashampoo Magical Defrag.lnk = C:\Programme\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Snip to my eSnips account - C:\Programme\eSnips\res\SnipIt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Pošalji u OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Po&šalji u OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: byxxutq - byxxutq.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ashampoo Defrag Service (AshampooDefragService) -   - C:\Programme\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - d:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

--
End of file - 9904 bytes
 

Sieht gut aus, funktioniert wieder alles normal ?

ja, ich denk schon. Danke für die Hilfe!
hab noch ne frage...wieso funktionier computerhilfen.de bei mir nur mit ie 7 und nicht in Firefox 3? in ff funzt sonst jede seite aber bei computerhilfen wird nur des menü links und die linkleiste oben angezeigt, sonst nix.

Das Problem ist uns bekannt.

Der Admin wird, danach schauen, wenn Firefox 3 offiziel und nicht als beta Downloadbar ist.