Member Avatar for gerhardpolt

Hi,
I just joined, so I'm not sure if I am posting in the right place. I have had some problems with my computer recently: when looking at the task manager i saw that a lot of svchost.exe processes were running and taking up a lot of workspace. i then asked a friend (who knows more about computers than me) and he recommended me to get the tuneuputilities trial version, which i ran. i also got superantispyware and microsoft security essentials - i already had avir and malewarebytes on my computer. it found a couple of worms and deleted these, which was about a week ago. but when i tried to run defrag my computer screen would always at some point (usually when i wasn't around) turn black and i had to turn off the computer by pressing the button. the same happened when i did a full search with antispyware or even avira - i have now deinstalled avira and was able to run quick scans with all the other programms. i also followed the advise in your forum and will now post the log files. i don't know too much about all this, so please excuse my ignorance about certain things. hope i will do everything the way it should be done. all help would be greatly appreciated. i just saw that some of the log files are in german, hope that still makes sense.
p

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7764

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

23.09.2011 20:38:32
mbam-log-2011-09-23 (20-38-32).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 174496
Laufzeit: 6 Minute(n), 35 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-09-21 20:00:06
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.12.0
Running: mxfsuutt.exe; Driver: C:\Users\peter\AppData\Local\Temp\kgloapow.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19120 BrowserJavaVersion: 1.6.0_20
Run by peter at 19:04:01 on 2011-09-23
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3068.1763 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\SMINST\BLService.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.hotspotshield.com/g/?c=h
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
uSearch Page = ${URL_SEARCHPAGE}
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
mSearch Page = ${URL_SEARCHPAGE}
uInternet Settings,ProxyServer = 127.0.0.1:54323
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - c:\program files\hotspot shield\hssie\HssIE.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{8FA6A89A-B6EF-4DD1-ABFA-8CB6B1BB1736} : DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{9E12E29A-4FA0-4FBC-9FC1-FF2C9F70DE48} : DhcpNameServer = 139.7.30.126 139.7.30.125
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
IFEO: image file execution options - "c:\program files\tuneup utilities 2011\TUAutoReactivator32.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\peter\appdata\roaming\mozilla\firefox\profiles\rq19xamg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2096149&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.hotmail.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2096149&SearchSource=2&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 54323
FF - prefs.js: network.proxy.type - 0
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKslea07e285;MpKslea07e285;c:\programdata\microsoft\microsoft antimalware\definition updates\{92a1597b-9fd8-449a-9223-bdca48943639}\MpKslea07e285.sys [2011-9-22 28752]
R1 MpKslf8933b8f;MpKslf8933b8f;c:\programdata\microsoft\microsoft antimalware\definition updates\{92a1597b-9fd8-449a-9223-bdca48943639}\MpKslf8933b8f.sys [2011-9-23 28752]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_030ac640\AEstSrv.exe [2008-9-27 73728]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2011-2-21 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-2-21 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-7-8 66616]
R2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2008-3-18 19456]
R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2011-7-1 298824]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe -product hss --> c:\program files\hotspot shield\bin\hsswd.exe -product HSS [?]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\sminst\BLService.exe [2008-7-2 341328]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2011-9-1 1526080]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-1-24 52736]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2008-4-1 81296]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-9-27 3658752]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-9-16 105576]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2011-7-7 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2009-4-9 7680]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\drivers\ZTEusbnet.sys [2010-8-22 110592]
S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\drivers\zteusbvoice.sys [2010-8-22 105344]
S4 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-7-2 193840]
.
=============== Created Last 30 ================
.
2011-09-23 17:04:21 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{92a1597b-9fd8-449a-9223-bdca48943639}\MpKslf8933b8f.sys
2011-09-22 19:55:44 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{92a1597b-9fd8-449a-9223-bdca48943639}\MpKslea07e285.sys
2011-09-22 19:55:14 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{92a1597b-9fd8-449a-9223-bdca48943639}\offreg.dll
2011-09-22 19:55:09 7269712 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{92a1597b-9fd8-449a-9223-bdca48943639}\mpengine.dll
2011-09-21 22:40:37 -------- d-----w- c:\users\peter\appdata\local\Adobe
2011-09-18 15:18:18 -------- d-----w- c:\windows\system32\SRSLabs
2011-09-18 12:26:49 -------- d-----w- c:\users\peter\appdata\roaming\HandBrake
2011-09-18 12:26:49 -------- d-----w- c:\users\peter\appdata\local\HandBrake
2011-09-14 11:28:55 -------- d-----w- C:\Hotspot Shield
2011-09-14 11:26:09 755016 ----a-w- c:\program files\mozilla firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor50.dll
2011-09-14 11:26:08 756552 ----a-w- c:\program files\mozilla firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor.dll
2011-09-14 11:26:05 -------- d-----w- c:\program files\Hotspot Shield
2011-09-14 11:21:09 -------- d-----w- c:\users\peter\appdata\roaming\SUPERAntiSpyware.com
2011-09-14 11:20:22 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-09-14 11:20:22 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-09-14 11:09:18 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-09-13 23:46:09 7152464 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-09-13 22:01:31 -------- d-----w- c:\users\peter\appdata\local\Google
2011-09-13 22:01:02 -------- d-----w- c:\users\peter\appdata\local\Deployment
2011-09-13 22:01:02 -------- d-----w- c:\users\peter\appdata\local\Apps
2011-09-13 20:34:23 439632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{425195d5-8a29-40d4-bc99-815e5ceb4957}\gapaengine.dll
2011-09-13 20:00:17 -------- d-----w- c:\program files\Microsoft Security Client
2011-09-13 19:59:19 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2011-09-13 19:00:19 -------- d-----w- c:\windows\CheckSur
2011-09-13 18:55:06 916480 ----a-w- c:\windows\system32\wininet.dll
2011-09-13 18:55:05 247808 ----a-w- c:\program files\internet explorer\ieproxy.dll
2011-09-13 18:55:04 129536 ----a-w- c:\program files\internet explorer\sqmapi.dll
2011-09-13 18:55:00 743424 ----a-w- c:\program files\internet explorer\iedvtool.dll
2011-09-13 18:53:42 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-09-13 18:51:53 913296 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-13 18:51:52 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-09-13 18:44:55 276992 ----a-w- c:\windows\system32\schannel.dll
2011-09-13 14:07:23 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-09-13 14:07:22 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-09-13 14:07:22 21312 ----a-w- c:\windows\system32\authuitu.dll
2011-09-13 14:06:48 -------- d-----w- c:\users\peter\appdata\roaming\TuneUp Software
2011-09-13 14:06:20 -------- d-----w- c:\program files\TuneUp Utilities 2011
2011-09-13 14:04:02 -------- d-----w- c:\programdata\TuneUp Software
2011-09-13 14:03:52 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-09-09 23:28:57 7152464 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{6ff46e3c-3580-4c0b-a6f7-cd96d94086bc}\mpengine.dll
2011-09-07 16:03:16 -------- d-----w- c:\users\peter\appdata\local\Facebook
2011-09-02 14:08:49 -------- d-----w- C:\Downloads
2011-09-02 14:03:47 -------- d-----w- c:\program files\Cryptload 1.1.8
.
==================== Find3M ====================
.
2011-09-21 19:17:33 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-31 16:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-23 11:00:05 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-07-23 10:59:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-07-23 10:59:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-07-23 10:59:34 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-07-23 10:03:47 385024 ----a-w- c:\windows\system32\html.iec
2011-07-23 09:27:04 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-07-23 09:25:38 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-11 13:25:35 2048 ----a-w- c:\windows\system32\tzres.dll
2011-07-06 15:31:47 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-01 14:05:06 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
.
============= FINISH: 19:07:20,49 ===============

hope this helps clarify some things.
thanks so much in advance!!!!

  • 3 Contributors
  • 5 Replies
  • 402 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by phoenix_2000
Member Avatar for gerhardpolt

forgot to post this!

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 27.09.2008 00:12:52
System Uptime: 23.09.2011 18:03:42 (1 hours ago)
.
Motherboard: Quanta | | 3603
Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz | CPU | 800/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 289 GiB total, 45,268 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 1,642 GiB free.
E: is CDROM ()
G: is FIXED (FAT32) - 298 GiB total, 27,913 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acoustica Effects Pack
Acoustica Mixcraft 4.5
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe After Effects 7.0
Adobe After Effects 7.0 Functional Content
Adobe AIR
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Encore DVD 2.0
Adobe Encore DVD FC
Adobe ExtendScript Toolkit 1.0
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Help Center 2.0
Adobe Photoshop CS2
Adobe Photoshop CS2 Functional Content
Adobe Premiere Pro 2.0
Adobe Premiere Pro FC
Adobe Production Studio
Adobe Reader 9.2 - Deutsch
Adobe Shockwave Player
Adobe Stock Photos 1.0
Adobe Video Suite Extras
Apple Application Support
Apple Software Update
ArcSoft PhotoStudio 5.5
Avira AntiVir Personal - Free Antivirus
Celtx (2.7)
Compatibility Pack für 2007 Office System
ConvertXtoDVD 4.1.1.334
CyberLink DVD Suite
CyberLink YouCam
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
Dropbox
ElsterFormular 2006/2007
ElsterFormular 2007/2008
ElsterFormular 2008/2009
Firebird SQL Server - MAGIX Edition
GEAR 32bit Driver Installer
HandBrake 0.9.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotspot Shield 2.06
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP Easy Setup - Frontend
HP Help and Support
HP Quick Launch Buttons 6.40 D1
HP QuickPlay 3.7
HP QuickTouch 1.00 D2
HP Total Care Advisor
HP Update
HP User Guides 0102
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPNetworkAssistant
IDT Audio
Intel® Matrix Storage Manager
iPhone-Konfigurationsprogramm
iTunes
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 5
JMicron JMB38X Flash Media Controller
Junk Mail filter update
LightScribe System Software 1.12.33.2
Malwarebytes' Anti-Malware Version 1.51.2.1300
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft Antimalware
Microsoft Antimalware Service DE-DE Language Pack
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (German) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office PowerPoint Viewer 2007 (German)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (German) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Security Client
Microsoft Security Client DE-DE Language Pack
Microsoft Security Essentials
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 6.0.2 (x86 de)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My HP Games
Native Instruments Beatport Sync
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA PhysX
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
Power2Go
PowerDirector
ProtectSmart Hard Drive Protection
QuickPlay SlingPlayer 0.4.6
QuickTime
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver
RealUpgrade 1.0
ScanSoft OmniPage SE 4
Security Task Manager 1.8d
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SilverFast CanonSDK-SE 6.5.5r2
Skype™ 5.1
SonicStage 4.3
Spelling Dictionaries Support For Adobe Reader 9
SUPERAntiSpyware
Synaptics Pointing Device Driver
TuneUp Utilities 2011
TuneUp Utilities Language Pack (de-DE)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office OneNote 2007 (KB980729)
VC80CRTRedist - 8.0.50727.762
Viewpoint Media Player
VLC media player 0.9.8a
WavePad Sound Editor
Winamp
Winamp Remote
Windows Live-Uploadtool
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
WinRAR
.
==== End Of File ===========================

Member Avatar for jingda

You said at when you run some programs it will automatically turn off itself? It could be an overheating issue, virus or some failing hardware in your computer.

Did you install any new hardware parts recently? Try following the bellow steps.

1) Reseat the ram ( Do not do this if you have no experience )

2) Test your power supply unit using a multimeter or power supply tester.

3) Enter your BIOS by pressing F2 and just wait to see anything happens.

4) Is your fan producing a very loud noise?

Member Avatar for gerhardpolt

Hey,
thanks for the fast supply. the computer does tend to get quite hot recently and the fan can be heard. I couldn't follow your other steps so far, because i basically haven't got the proper experience and i wasn't sure if i could do e.g. step 3) without having done the other steps. the only hardware that was installed last xmas was a new battery, but nothing else besides that. did anything from my log indicate that there might be a virus/worm on it?

Member Avatar for jingda

After translating from german to english there seems to be no infected files on your system. The 4 steps above is not in sequence so you can do whatever steps you want first but do number 3 first to check whether your OS is having problem.

Member Avatar for phoenix_2000

maybe it's a stupid question, but did you actually uninstall your previous anti-virus before installing your new one? if not, they might be conflicting.

also, having multiple svchost.exe files is quite normal. wikipedia says:

In the Windows NT family of operating systems, svchost.exe (Service Host, or SvcHost) is a system process which hosts multiple Windows services.[1] Its executable image, %SystemRoot%\System32\Svchost.exe or %SystemRoot%\SysWOW64\Svchost.exe (for 32-bit services running on 64-bit systems) runs in multiple instances, each hosting one or more services. It is essential in the implementation of so-called shared service processes, where a number of services can share a process in order to reduce resource consumption.
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.