Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
braviax.exe geht nicht weg ;-(

braviax.exe geht nicht weg ;-(


Plagegeister aller Art und deren Bekämpfung: braviax.exe geht nicht weg ;-(

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 3 von 4 12 3 4
Alt 22.08.2009, 20:46   #31
[e+dragon]
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


oioioi... das ist aber viel stoff. XD
das mit den kursen hört sich ziemlich interessant an,
weiß aber nicht ob ich die ausreichende zeit dafür finde...
bei mir zieht sich die schule schon ganz schön in die länge. im hinterkopf behalten werde ich es auf alle fälle.

und er scannt immer noch...

Alt 22.08.2009, 20:54   #32
john.doe
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


So ein Rechner ist auch nur ein Mensch, du musst ihn antreiben und streng mit ihm sein. Meiner wäre schon längst fertig, der hat Angst vor mir.

ciao, andreas
__________________

__________________
Alt 22.08.2009, 21:09   #33
[e+dragon]
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


Code:
ATTFilter
_desktop.ini;G:\movies\Prison.Break;Win32.HLLW.Gavir.ini;Deleted.;
_desktop.ini;G:\movies\Prison.Break\s1;Win32.HLLW.Gavir.ini;Deleted.;
take this!XD log file von drweb.
was für eine ausbeute. 5h scan... 2 zeilen XD
hoffe das verheißt gutes
was kommt jetzt noch?
ist der laptop wieder sauber?

thx sven
__________________
Alt 22.08.2009, 21:24   #34
john.doe
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


Deinstalliere DrWeb.
Zitat:
was kommt jetzt noch?
Poste nocheinmal frische Logs von RSIT.
Zitat:
ist der laptop wieder sauber?
Die Logs sehen alle gut aus. Wie geht es dem Rechner? Noch irgendwelche Auffälligkeiten oder Meldungen?

ciao, andreas
__________________
Kein Support per PN! Das ist hier ein Forum und keine Privatbetreuung!
Privatbetreuung nur gegen Bezahlung und ich koste sehr teuer.
Für alle Neuen
Anleitungen
Virenscanner
Kompromittierung unvermeidbar?

Alt 22.08.2009, 21:34   #35
[e+dragon]
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


Code:
ATTFilter
Logfile of random's system information tool 1.06 (written by random/random)
Run by Chef at 2009-08-22 22:32:02
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 65 GB (80%) free of 82 GB
Total RAM: 1015 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:32:13, on 22/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PGPserv.exe
c:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Mindjet\MindManager 6\MMReminderService.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Elantech\ETDCtrl.exe
C:\Programme\EeePC\ACPI\AsTray.exe
C:\Programme\EeePC\ACPI\AsEPCMon.exe
C:\WINDOWS\system32\igfxext.exe
C:\Programme\EeePC\ACPI\AsAcpiSvr.exe
C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Brother\ControlCenter3\brccMCtl.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programme\Brother\Brmfcmon\BrMfcmon.exe
C:\Programme\PGP Corporation\PGP Desktop\PGPtray.exe
C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\Programme\UltraVNC\winvnc.exe
C:\Dokumente und Einstellungen\Chef\Eigene Dateien\Downloads\RSIT.exe
C:\Programme\trend micro\Chef.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=%s
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [MMReminderService] C:\Programme\Mindjet\MindManager 6\MMReminderService.exe
O4 - HKLM\..\Run: [EPSON_UD_START] "C:\Programme\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe" -UDCONNECT
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AsusTray] C:\Programme\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Programme\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Programme\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Verknüpfung mit lol.lnk = C:\Programme\UltraVNC\winvnc.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: PGPtray.exe.lnk = ?
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Programme\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\PGPmapih.dll PGPmapih.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: EMP_UDSA - SEIKO EPSON CORPORATION - C:\Programme\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PGPserv - PGP Corporation - C:\WINDOWS\system32\PGPserv.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe

--
End of file - 8914 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Programme\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-08-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-21 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-31 16806912]
"MMReminderService"=C:\Programme\Mindjet\MindManager 6\MMReminderService.exe [2005-09-13 28672]
"EPSON_UD_START"=C:\Programme\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [2008-05-22 329632]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2009-01-05 413696]
"ETDWare"=C:\Programme\Elantech\ETDCtrl.exe [2008-09-03 335872]
"AsusTray"=C:\Programme\EeePC\ACPI\AsTray.exe [2008-09-02 106496]
"AsusEPCMonitor"=C:\Programme\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208]
"AsusACPIServer"=C:\Programme\EeePC\ACPI\AsAcpiSvr.exe [2008-09-02 593920]
"BrMfcWnd"=C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-12 663552]
"ControlCenter3"=C:\Programme\Brother\ControlCenter3\brctrcen.exe [2007-01-26 65536]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-08-21 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]
"Skype"=C:\Programme\Skype\Phone\Skype.exe [2009-07-16 25604904]
"SpybotSD TeaTimer"=C:\Programme\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWareDetect]
C:\Programme\Elantech\ETDDect.exe [2008-08-22 204800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mswin32dll]
C:\WINDOWS\explorer.exe [2008-04-14 1036800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfSaver3]
C:\Programme\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe [2004-09-05 380928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Chef^Startmenü^Programme^Autostart^OneNote 2007 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MICROS~4\Office12\ONENOTEM.EXE [2007-12-07 101440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Chef^Startmenü^Programme^Autostart^OneNote Table Of Contents.onetoc2]
C:\Dokumente und Einstellungen\Chef\Startmenü\Programme\Autostart\OneNote Table Of Contents.onetoc2 []

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
Acrobat Assistant.lnk - C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
BTTray.lnk - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PGPtray.exe.lnk - C:\WINDOWS\Installer\{882025A7-7599-4989-8FCD-7604FB90D6A9}\Icon6560581611.exe
SuperHybridEngine.lnk - C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

C:\Dokumente und Einstellungen\Chef\Startmenü\Programme\Autostart
Verknüpfung mit lol.lnk - C:\Programme\UltraVNC\winvnc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\PGPmapih.dll PGPmapih.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
PGPpwflt

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Messenger\livecall.exe"="C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE"="C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE"="C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Easy_Note_Taker\Easy note taker.exe"="D:\Easy_Note_Taker\Easy note taker.exe:*:Disabled:Easy note taker"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Messenger\livecall.exe"="C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\LaunchU3.exe -a


======List of files/folders created in the last 1 months======

2010-08-13 17:15:13 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-08-22 22:32:02 ----D---- C:\rsit
2009-08-22 22:27:08 ----D---- C:\Programme\Spybot - Search & Destroy
2009-08-22 22:27:08 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2009-08-22 22:23:13 ----SHD---- C:\RECYCLER
2009-08-22 16:55:55 ----A---- C:\WINDOWS\ntbtlog.txt
2009-08-22 16:39:23 ----A---- C:\ComboFix.txt
2009-08-22 16:31:48 ----D---- C:\WINDOWS\temp
2009-08-22 10:01:48 ----A---- C:\WINDOWS\wininit.ini
2009-08-21 23:08:46 ----D---- C:\Programme\Panda Security
2009-08-21 22:34:24 ----D---- C:\Dokumente und Einstellungen\Chef\Anwendungsdaten\Skype
2009-08-21 22:33:24 ----D---- C:\Programme\Gemeinsame Dateien\Skype
2009-08-21 22:33:20 ----RD---- C:\Programme\Skype
2009-08-21 22:28:06 ----D---- C:\Dokumente und Einstellungen\Chef\Anwendungsdaten\Foxit
2009-08-21 22:27:42 ----D---- C:\Programme\Foxit Reader
2009-08-21 22:25:29 ----A---- C:\WINDOWS\system32\javaws.exe
2009-08-21 22:25:29 ----A---- C:\WINDOWS\system32\javaw.exe
2009-08-21 22:25:28 ----A---- C:\WINDOWS\system32\java.exe
2009-08-21 17:59:33 ----A---- C:\Boot.bak
2009-08-21 17:59:27 ----RASHD---- C:\cmdcons
2009-08-21 17:37:19 ----D---- C:\WINDOWS\ERDNT
2009-08-16 22:25:58 ----D---- C:\Dokumente und Einstellungen\Chef\Anwendungsdaten\Malwarebytes
2009-08-16 22:25:51 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2009-08-16 22:25:50 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2009-08-16 22:00:07 ----D---- C:\Programme\Trend Micro
2009-08-16 20:14:29 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-08-11 23:26:43 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-11 23:26:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-11 23:26:26 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-11 23:26:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-11 23:26:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-11 23:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-11 23:24:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-11 23:24:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-11 23:21:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-07-29 00:43:39 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$

======List of files/folders modified in the last 1 months======

2009-08-22 22:31:17 ----D---- C:\WINDOWS\Prefetch
2009-08-22 22:28:16 ----D---- C:\Programme\Mozilla Firefox
2009-08-22 22:27:08 ----RD---- C:\Programme
2009-08-22 22:05:41 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-22 17:10:22 ----D---- C:\WINDOWS
2009-08-22 16:55:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-22 16:47:35 ----D---- C:\WINDOWS\system32
2009-08-22 16:47:22 ----SHD---- C:\System Volume Information
2009-08-22 16:47:22 ----D---- C:\WINDOWS\system32\Restore
2009-08-22 16:42:20 ----SHD---- C:\WINDOWS\Installer
2009-08-22 16:41:54 ----D---- C:\WINDOWS\system32\drivers
2009-08-22 16:34:14 ----A---- C:\WINDOWS\system.ini
2009-08-22 16:31:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-22 16:30:21 ----D---- C:\WINDOWS\AppPatch
2009-08-22 16:30:15 ----D---- C:\Programme\Gemeinsame Dateien
2009-08-21 23:10:38 ----HD---- C:\WINDOWS\inf
2009-08-21 22:33:19 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype
2009-08-21 22:25:05 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-08-21 22:24:57 ----D---- C:\Programme\Java
2009-08-21 22:19:10 ----D---- C:\Dokumente und Einstellungen\Chef\Anwendungsdaten\Mozilla
2009-08-21 22:04:45 ----D---- C:\WINDOWS\system32\config
2009-08-21 21:29:50 ----D---- C:\Programme\UltraVNC
2009-08-21 21:28:17 ----D---- C:\Programme\RocketDock
2009-08-21 21:10:16 ----D---- C:\Programme\Adobe
2009-08-21 21:09:40 ----D---- C:\Programme\Gemeinsame Dateien\Adobe
2009-08-21 21:03:47 ----D---- C:\Programme\Windows Live Toolbar
2009-08-21 21:03:42 ----SD---- C:\WINDOWS\Tasks
2009-08-21 18:04:48 ----RSD---- C:\WINDOWS\Fonts
2009-08-21 17:59:33 ----RASH---- C:\boot.ini
2009-08-21 17:02:39 ----D---- C:\Programme\Microsoft Office
2009-08-21 13:34:46 ----D---- C:\Dokumente und Einstellungen\Chef\Anwendungsdaten\U3
2009-08-21 13:28:44 ----A---- C:\WINDOWS\BRWMARK.INI
2009-08-21 13:28:44 ----A---- C:\WINDOWS\BRPP2KA.INI
2009-08-19 17:10:39 ----A---- C:\WINDOWS\NeroDigital.ini
2009-08-17 16:02:42 ----D---- C:\Programme\Password-Finder
2009-08-15 22:01:24 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-14 18:43:58 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
2009-08-13 21:04:03 ----D---- C:\WINDOWS\Debug
2009-08-11 23:26:00 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2009-08-11 23:24:57 ----D---- C:\Programme\Outlook Express
2009-08-05 10:59:36 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-07-30 02:49:14 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-29 00:43:15 ----D---- C:\WINDOWS\WinSxS
2009-07-28 21:33:56 ----D---- C:\Dokumente und Einstellungen\Chef\Anwendungsdaten\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2008-11-24 235840]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-06 55656]
R2 PGPdisk;PGPdisk; C:\WINDOWS\system32\drivers\PGPdisk.sys [2007-08-10 224256]
R2 PGPsdkDriver;PGPsdkDriver; C:\WINDOWS\System32\Drivers\PGPsdk.sys [2007-08-10 33792]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Bluetooth-Bus-Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-07-24 991656]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 eppvad_simple;EPSON Projector UD Audio Device; C:\WINDOWS\system32\drivers\EMP_UDAU.sys [2008-05-14 17664]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-12 4751360]
R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-08-25 26112]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864]
R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2008-03-28 625024]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller;


Alt 22.08.2009, 21:35   #36
[e+dragon]
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


Code:
ATTFilter
C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-03 546976]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 btaudio;Bluetooth-Audiogerät; C:\WINDOWS\system32\drivers\btaudio.sys [2008-05-30 534568]
S3 BTWDNDIS;Bluetooth-LAN-Zugangsserver; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-24 156816]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-03-10 57384]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-02-04 37032]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-07-24 47272]
S3 catchme;catchme; \??\C:\cofi\catchme.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nocashio;nocashio; C:\WINDOWS\system32\drivers\nocashio.sys [2009-03-14 4096]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-08-06 185089]
R2 btwdins;Bluetooth Service; C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-07-30 346720]
R2 EMP_UDSA;EMP_UDSA; C:\Programme\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [2008-05-28 94208]
R2 IviRegMgr;IviRegMgr; C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-08-21 153376]
R2 PGPserv;PGPserv; C:\WINDOWS\system32\PGPserv.exe [2007-08-10 92672]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Programme\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Programme\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]

-----------------EOF-----------------
das war die log.txt

Alt 22.08.2009, 21:37   #37
[e+dragon]
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


Code:
ATTFilter
info.txt logfile of random's system information tool 1.06 2009-08-22 22:32:16

======Uninstall list======

-->C:\Programme\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {926CC8AE-8414-43DF-8EB4-CF26D9C3C663}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
AB Commander-->"C:\Programme\AB Commander\Setup.exe" /U
Adabas D 13.01.00-->MsiExec.exe /X{5C52CED3-D45C-4DA9-932F-B91BD44BB461}
Adobe Acrobat 6.0.1 Standard - English, Français, Deutsch-->MsiExec.exe /I{AC76BA86-1033-F400-BA7E-000000000001}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Asus ACPI Driver-->MsiExec.exe /X{19F5658D-92E8-4A08-8657-D38ABB1574B2}
ASUSUpdate for Eee PC-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x7 
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Programme\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0007 -removeonly
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Azurewave Wireless LAN-->C:\Programme\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\Setup.exe -runfromtemp -l0x0009 -removeonly
CCleaner (remove only)-->"C:\Programme\CCleaner\uninst.exe"
Compatibility Pack für 2007 Office System-->MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE}
CorelDRAW Graphics Suite X4 - Capture-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012}
CorelDRAW Graphics Suite X4 - Content-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016}
CorelDRAW Graphics Suite X4 - Draw-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013}
CorelDRAW Graphics Suite X4 - Filters-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017}
CorelDRAW Graphics Suite X4 - FontNav-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019}
CorelDRAW Graphics SUite X4 - ICA-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010}
CorelDRAW Graphics Suite X4 - IPM-->MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}
CorelDRAW Graphics Suite X4 - Lang EN-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF100}
CorelDRAW Graphics Suite X4 - PP-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014}
CorelDRAW Graphics Suite X4 - VBA-->MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181}
CorelDRAW Graphics Suite X4-->MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73}
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->c:\Programme\Gemeinsame Dateien\Corel\Shared\Shell Extension\Uninst.exe
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
CorelDRAW(R) Graphics Suite X4-->c:\Programme\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp
Easy note taker 3.0-->MsiExec.exe /I{4A19E752-56D4-4B22-BACC-256B491E8756}
Eee Instant Key-->C:\Programme\InstallShield Installation Information\{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}\setup.exe -runfromtemp -l0x0009 -removeonly
Eee Storage 1.1.15.197-->C:\Programme\Eee Storage\uninst.exe
EPSON USB Display-->C:\Programme\EPSON Projector\EPSON USB Display V1.4\EMP_UDUi.exe
ETDWare PS/2-x86 7.0.3.8 WHQL 03Sep08-->C:\Programme\Elantech\ETDUninst.exe
FLV Player 2.0 (build 25)-->D:\Software\flvplayer\FLV Player\uninst.exe
Foxit Reader-->C:\Programme\Foxit Reader\Uninstall.exe
Google SketchUp 6-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x7  -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x7  -removeonly
HijackThis 2.0.2-->"C:\Programme\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix für Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
InterVideo WinDVD-->"C:\Programme\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (German)-->MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{39D0E034-1042-4905-BECB-5502909FCB7C}
Mindjet MindManager Pro 6-->MsiExec.exe /I{14583268-CF6A-4003-A3EA-0CAC77C978D3}
MindManager X5 Viewer-->MsiExec.exe /I{C4BB8237-3778-4DA8-9843-2410618F6748}
Mozilla Firefox (3.5.2)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
MyScript Notes Lite-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A82E3AFE-0BD9-4A17-9A58-9112B5C679C5}\setup.exe" -l0x7  -removeonly
NeoTrace Express 3.25-->C:\PROGRA~1\NEOTRA~1\UNWISE.EXE C:\PROGRA~1\NEOTRA~1\INSTALL.LOG
Nero Suite-->C:\Programme\Gemeinsame Dateien\Ahead\Uninstall\setup.exe /uninstall
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetBrute Scanner Security Suite-->C:\PROGRA~1\RAWLOG~1\NetBrute\UNWISE.EXE C:\PROGRA~1\RAWLOG~1\NetBrute\INSTALL.LOG
Panda ActiveScan 2.0-->C:\Programme\Panda Security\ActiveScan 2.0\as2uninst.exe
Password-Finder 2.1-->C:\Programme\Password-Finder\unins000.exe
PDF-XChange 3.0-->"C:\Programme\Tracker Software\PDF-XChange 3\unins000.exe"
PGP Desktop-->MsiExec.exe /X{882025A7-7599-4989-8FCD-7604FB90D6A9}
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x7  -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"

Alt 22.08.2009, 21:38   #38
[e+dragon]
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


Code:
ATTFilter
Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy-->"C:\Programme\Spybot - Search & Destroy\unins000.exe"
StarOffice 8 ASUS Edition-->MsiExec.exe /I{9510AB97-A36C-4352-8725-E72E5528FA1B}
Super Hybrid Engine-->C:\Programme\InstallShield Installation Information\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}\setup.exe -runfromtemp -l0x0009 -removeonly
TrueCrypt-->"C:\Programme\TrueCrypt\TrueCrypt Setup.exe" /u
Undelete Plus 2.97-->"C:\Programme\TouchStoneSoftware\UndeletePlus\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462}
Update for Outlook 2007 Junk Email Filter (kb972691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AA020E6E-E2FB-45EF-B732-2400E2296742}
Update für Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update für Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update für Windows XP (KB951618-v2)-->"C:\WINDOWS\$NtUninstallKB951618-v2$\spuninst\spuninst.exe"
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update für Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Wichtiges Update für Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
Windows Live Anmelde-Assistent-->MsiExec.exe /I{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}
Windows Live Fotogalerie-->MsiExec.exe /X{A1D08B90-AE1A-4885-AC29-731496FD397E}
Windows Live installer-->MsiExec.exe /X{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}
Windows Live Mail-->MsiExec.exe /I{82F2B38B-1426-443D-874C-AC25675E7BEB}
Windows Live Messenger-->MsiExec.exe /X{2B091530-69AA-442E-AB09-39ED06B58220}
Windows Live Writer-->MsiExec.exe /X{B8D42C3A-3CFF-4A8A-A7DA-4F44474D12C5}
Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Rights Management Client Backwards Compatibility SP2-->MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
Windows Rights Management Client with Service Pack 2-->MsiExec.exe /X{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}
WinRAR-->C:\Programme\WinRAR\uninstall.exe

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: EEE
Event Code: 7023
Message: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet: 
Das angegebene Modul wurde nicht gefunden.


Record Number: 35680
Source Name: Service Control Manager
Time Written: 20090816211043.000000+120
Event Type: Fehler
User: 

Computer Name: EEE
Event Code: 7036
Message: Dienst "Anwendungsverwaltung" befindet sich jetzt im Status "Beendet".

Record Number: 35679
Source Name: Service Control Manager
Time Written: 20090816211043.000000+120
Event Type: Informationen
User: 

Computer Name: EEE
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "Anwendungsverwaltung" gesendet.

Record Number: 35678
Source Name: Service Control Manager
Time Written: 20090816211043.000000+120
Event Type: Informationen
User: EEE\Chef

Computer Name: EEE
Event Code: 7023
Message: Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet: 
Das angegebene Modul wurde nicht gefunden.


Record Number: 35677
Source Name: Service Control Manager
Time Written: 20090816211042.000000+120
Event Type: Fehler
User: 

Computer Name: EEE
Event Code: 7036
Message: Dienst "Anwendungsverwaltung" befindet sich jetzt im Status "Beendet".

Record Number: 35676
Source Name: Service Control Manager
Time Written: 20090816211042.000000+120
Event Type: Informationen
User: 

=====Application event log=====

Computer Name: EEE
Event Code: 4113
Message: AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\WINDOWS\system32\cru629.dat

Record Number: 5930
Source Name: Avira AntiVir
Time Written: 20090816181729.000000+120
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

Computer Name: EEE
Event Code: 4113
Message: AntiVir has detected 'TR/Rootkit.Gen'
in the file
C:\WINDOWS\system32\dllcache\figaro.sys

Record Number: 5929
Source Name: Avira AntiVir
Time Written: 20090816181729.000000+120
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

Computer Name: EEE
Event Code: 4113
Message: AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\WINDOWS\system32\cru629.dat

Record Number: 5928
Source Name: Avira AntiVir
Time Written: 20090816181729.000000+120
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

Computer Name: EEE
Event Code: 4113
Message: AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\WINDOWS\system32\cru629.dat

Record Number: 5927
Source Name: Avira AntiVir
Time Written: 20090816181723.000000+120
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

Computer Name: EEE
Event Code: 4113
Message: AntiVir has detected 'TR/Crypt.XPACK.Gen'
in the file
C:\WINDOWS\system32\cru629.dat

Record Number: 5926
Source Name: Avira AntiVir
Time Written: 20090816181711.000000+120
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Programme\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=1c02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Programme\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre1.6.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------
info.txt

ciao, sven

Alt 22.08.2009, 21:50   #39
john.doe
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


Ich gebe mir solche Mühe den Rechner wieder sauber zu bekommen und du installierst Spybot.

Poste das Log von Avira mit diesen Einstellungen => http://www.trojaner-board.de/54192-a...tellungen.html

ciao, andreas
__________________
Kein Support per PN! Das ist hier ein Forum und keine Privatbetreuung!
Privatbetreuung nur gegen Bezahlung und ich koste sehr teuer.
Für alle Neuen
Anleitungen
Virenscanner
Kompromittierung unvermeidbar?

Alt 22.08.2009, 21:58   #40
[e+dragon]
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


k, mach ich.
was macht spybot denn jetzt böses?

Alt 22.08.2009, 22:34   #41
john.doe
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


http://www.trojaner-board.de/408463-post8.html (Erster Absatz)

1.) Start => Ausführen => cmd => OK
Code:
ATTFilter
sc stop JavaQuickStarterService [Enter]
sc delete JavaQuickStarterService [Enter]
exit [Enter]
2.) Starte HJT => Do a system scan only => Markiere:
Code:
ATTFilter
Alle R0, R1, O2, O3, O8 und O9-Einträge
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [MMReminderService] C:\Programme\Mindjet\MindManager 6\MMReminderService.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Verknüpfung mit lol.lnk = C:\Programme\UltraVNC\winvnc.exe
=> Fix checked => Neustart => Neues HJT-Log posten

ciao, andreas
__________________
Kein Support per PN! Das ist hier ein Forum und keine Privatbetreuung!
Privatbetreuung nur gegen Bezahlung und ich koste sehr teuer.
Für alle Neuen
Anleitungen
Virenscanner
Kompromittierung unvermeidbar?

Alt 22.08.2009, 22:37   #42
[e+dragon]
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


ok. tut mir ehrlich leid... wusste ich nicht.
mach ich morgen. muss jetzt aus machen.

danke für deine hilfe

sven

Alt 23.08.2009, 10:45   #43
[e+dragon]
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:43:20, on 23/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
C:\WINDOWS\system32\PGPserv.exe
c:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Mindjet\MindManager 6\MMReminderService.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Elantech\ETDCtrl.exe
C:\Programme\EeePC\ACPI\AsTray.exe
C:\Programme\EeePC\ACPI\AsEPCMon.exe
C:\Programme\EeePC\ACPI\AsAcpiSvr.exe
C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\igfxext.exe
C:\Programme\Brother\ControlCenter3\brccMCtl.exe
C:\Programme\Brother\Brmfcmon\BrMfcmon.exe
C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programme\PGP Corporation\PGP Desktop\PGPtray.exe
C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\Programme\Avira\AntiVir Desktop\avcenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [MMReminderService] C:\Programme\Mindjet\MindManager 6\MMReminderService.exe
O4 - HKLM\..\Run: [EPSON_UD_START] "C:\Programme\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe" -UDCONNECT
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AsusTray] C:\Programme\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Programme\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Programme\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: PGPtray.exe.lnk = ?
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\Programme\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\PGPmapih.dll PGPmapih.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: EMP_UDSA - SEIKO EPSON CORPORATION - C:\Programme\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PGPserv - PGP Corporation - C:\WINDOWS\system32\PGPserv.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe

--
End of file - 6957 bytes

Alt 23.08.2009, 10:57   #44
[e+dragon]
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


avira log aggressive:
Code:
ATTFilter
Avira AntiVir Personal
Report file date: 23 August 2009  08:48

Scanning for 1651917 virus strains and unwanted programs.

Licensee        : Avira AntiVir Personal - FREE Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Windows XP
Windows version : (Service Pack 3)  [5.1.2600]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : EEE

Version information:
BUILD.DAT       : 9.0.0.407           Bytes  29.07.2009 10:34:00
AVSCAN.EXE      : 9.0.3.7      466689 Bytes  05.08.2009 22:19:06
AVSCAN.DLL      : 9.0.3.0       40705 Bytes  27.02.2009 09:58:24
LUKE.DLL        : 9.0.3.2      209665 Bytes  20.02.2009 10:35:49
LUKERES.DLL     : 9.0.2.0       12033 Bytes  27.02.2009 09:58:52
ANTIVIR0.VDF    : 7.1.0.0    15603712 Bytes  27.10.2008 11:30:36
ANTIVIR1.VDF    : 7.1.4.132   5707264 Bytes  24.06.2009 21:50:03
ANTIVIR2.VDF    : 7.1.5.146   3087360 Bytes  21.08.2009 21:34:12
ANTIVIR3.VDF    : 7.1.5.149      9728 Bytes  21.08.2009 21:34:13
Engineversion   : 8.2.1.3  
AEVDF.DLL       : 8.1.1.1      106868 Bytes  02.05.2009 05:42:27
AESCRIPT.DLL    : 8.1.2.25     459130 Bytes  14.08.2009 20:40:18
AESCN.DLL       : 8.1.2.4      127348 Bytes  23.07.2009 14:18:49
AERDL.DLL       : 8.1.2.4      430452 Bytes  14.07.2009 18:19:19
AEPACK.DLL      : 8.1.3.18     401783 Bytes  28.05.2009 14:58:58
AEOFFICE.DLL    : 8.1.0.38     196987 Bytes  19.06.2009 05:54:49
AEHEUR.DLL      : 8.1.0.155   1921400 Bytes  21.08.2009 21:38:17
AEHELP.DLL      : 8.1.6.0      233846 Bytes  21.08.2009 21:34:34
AEGEN.DLL       : 8.1.1.57     356725 Bytes  21.08.2009 21:34:30
AEEMU.DLL       : 8.1.0.9      393588 Bytes  09.10.2008 13:32:40
AECORE.DLL      : 8.1.7.6      184694 Bytes  23.07.2009 14:18:45
AEBB.DLL        : 8.1.0.3       53618 Bytes  09.10.2008 13:32:40
AVWINLL.DLL     : 9.0.0.3       18177 Bytes  12.12.2008 07:47:59
AVPREF.DLL      : 9.0.0.1       43777 Bytes  05.12.2008 09:32:15
AVREP.DLL       : 8.0.0.3      155905 Bytes  20.01.2009 13:34:28
AVREG.DLL       : 9.0.0.0       36609 Bytes  05.12.2008 09:32:09
AVARKT.DLL      : 9.0.0.3      292609 Bytes  24.03.2009 14:05:41
AVEVTLOG.DLL    : 9.0.0.7      167169 Bytes  30.01.2009 09:37:08
SQLITE3.DLL     : 3.6.1.0      326401 Bytes  28.01.2009 14:03:49
SMTPLIB.DLL     : 9.2.0.25      28417 Bytes  02.02.2009 07:21:33
NETNT.DLL       : 9.0.0.0       11521 Bytes  05.12.2008 09:32:10
RCIMAGE.DLL     : 9.0.0.25    2438913 Bytes  09.06.2009 18:55:36
RCTEXT.DLL      : 9.0.37.0      86785 Bytes  17.04.2009 09:19:48

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\programme\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, G:, 
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: 23 August 2009  08:48

Starting search for hidden objects.
An ARK library instance is already running.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'winvnc.exe' - '1' Module(s) have been scanned
Scan process 'SuperHybridEngine.exe' - '1' Module(s) have been scanned
Scan process 'PGPtray.exe' - '1' Module(s) have been scanned
Scan process 'BTTray.exe' - '1' Module(s) have been scanned
Scan process 'acrotray.exe' - '1' Module(s) have been scanned
Scan process 'BrMfcMon.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'BrccMCtl.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'igfxext.exe' - '1' Module(s) have been scanned
Scan process 'BrMfcWnd.exe' - '1' Module(s) have been scanned
Scan process 'AsAcpiSvr.exe' - '1' Module(s) have been scanned
Scan process 'AsEPCMon.exe' - '1' Module(s) have been scanned
Scan process 'AsTray.exe' - '1' Module(s) have been scanned
Scan process 'ETDCTRL.EXE' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'MmReminderService.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '1' Module(s) have been scanned
Scan process 'PGPserv.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'iviRegMgr.exe' - '1' Module(s) have been scanned
Scan process 'EMP_UDSA.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'btwdins.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
57 processes with 57 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!
Master boot sector HD1
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'D:\'
    [INFO]      No virus was found!
Boot sector 'G:\'
    [INFO]      No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '76' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
    [WARNING]   The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Temp\BN2C.tmp
    [DETECTION] Is the TR/Drop.FraudLo.bwx Trojan
C:\Programme\Password-Finder\PWFinder.exe
    [DETECTION] Contains recognition pattern of the SPR/PSW.PasswordFinder.21.1 program
C:\System Volume Information\_restore{95F79FDB-E509-44EE-8004-E7945B42DE1F}\RP253\A0046027.exe
    [DETECTION] Contains recognition pattern of the SPR/PSW.PasswordFinder.21.1 program
C:\WINDOWS\Installer\MSI6D.tmp
  [0] Archive type: CAB (Microsoft)
    --> _000.dat
      [WARNING]   No further files can be extracted from this archive. The archive will be closed
    [WARNING]   No further files can be extracted from this archive. The archive will be closed
Begin scan in 'D:\'
Begin scan in 'G:\' <Volume>
G:\software\corel14\CorelDraw_X4_Keygen.exe
    [DETECTION] Is the TR/Keygen.FG Trojan
G:\software\corel14\CorelDraw_X4_Keygen.rar
  [0] Archive type: RAR
    --> CorelDraw_X4_Keygen.exe
      [DETECTION] Is the TR/Keygen.FG Trojan

Beginning disinfection:
C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Temp\BN2C.tmp
    [DETECTION] Is the TR/Drop.FraudLo.bwx Trojan
    [WARNING]   An error has occurred and the file was not deleted. ErrorID: 26004
    [WARNING]   The source file could not be found.
    [NOTE]      Attempting to perform action using the ARK library.
    [WARNING]   Error in ARK library
    [NOTE]      The file is scheduled for deleting after reboot.
C:\Programme\Password-Finder\PWFinder.exe
    [DETECTION] Contains recognition pattern of the SPR/PSW.PasswordFinder.21.1 program
    [WARNING]   An error has occurred and the file was not deleted. ErrorID: 26004
    [WARNING]   The source file could not be found.
    [NOTE]      Attempting to perform action using the ARK library.
    [WARNING]   Error in ARK library
C:\System Volume Information\_restore{95F79FDB-E509-44EE-8004-E7945B42DE1F}\RP253\A0046027.exe
    [DETECTION] Contains recognition pattern of the SPR/PSW.PasswordFinder.21.1 program
    [WARNING]   An error has occurred and the file was not deleted. ErrorID: 26004
    [WARNING]   The source file could not be found.
    [NOTE]      Attempting to perform action using the ARK library.
    [WARNING]   Error in ARK library
    [NOTE]      The file is scheduled for deleting after reboot.
G:\software\corel14\CorelDraw_X4_Keygen.exe
    [DETECTION] Is the TR/Keygen.FG Trojan
    [NOTE]      The file was moved to '4b030e13.qua'!
G:\software\corel14\CorelDraw_X4_Keygen.rar
    [NOTE]      The file was moved to '4a8fe084.qua'!


End of the scan: 23 August 2009  11:36
Used time:  1:45:40 Hour(s)

The scan has been done completely.

   8428 Scanned directories
 416437 Files were scanned
      5 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 files were deleted
      0 Viruses and unwanted programs were repaired
      2 Files were moved to quarantine
      0 Files were renamed
      1 Files cannot be scanned
 416431 Files not concerned
  14170 Archives were scanned
      6 Warnings
      6 Notes

Alt 23.08.2009, 10:59   #45
[e+dragon]
 
braviax.exe geht nicht weg ;-( - Standard

braviax.exe geht nicht weg ;-(


um noch mal auf spybot zurück zukommen,
für die entfernung (eure arbeit) ist also nur der teatimer behindernt (schädlich)?
dann spricht also nichts dagegen die anderen funktionen von spybot weiterhin zu nutzen nehme ich an.

tut mir leid dass ich dir noch extra arbeit verschafft habe. wollte ich wirklich nicht.
ciao sven

Antwort
Seite 3 von 4 12 3 4

Themen zu braviax.exe geht nicht weg ;-(
1.tmp, 8.tmp, anti-malware, antispyware, autostart, center, computer, dateien, disabled.securitycenter, dllcache, einstellungen, google, infected, infiziert, log, malware.trace, microsoft, programme, refog.keylogger, regedit, registrierungsschlüssel, security, software, system, system volume information, taskleiste, temp, trojan.agent, trojan.downloader, trojan.fakealert, trojan.killav, viren, virus, windows\temp


« Googleergebnisse auf windowsclick umgeleitet | Avast! warnt vor JS:Downloader-DO »


Ähnliche Themen: braviax.exe geht nicht weg ;-(


  1. USB Maus geht nicht mehr - neue Maus geht nach 2 Tagen auch nicht mehr!
    Netzwerk und Hardware - 26.10.2015 (4)
  2. Booten langsam, Drucker geht...geht nicht,Programme öffnen geht...geht nicht
    Plagegeister aller Art und deren Bekämpfung - 25.06.2015 (19)
  3. Auf ein mal mehrere Probleme: Datein nicht zu öffnen, youtube geht nicht, Download geht nicht...
    Plagegeister aller Art und deren Bekämpfung - 28.02.2015 (20)
  4. lollipop geht nicht zu deinstallieren und mein pc geht neuerdings immer aus, der akku ist dann auf 0%
    Plagegeister aller Art und deren Bekämpfung - 24.02.2014 (1)
  5. Windows 8 startet nicht, da Anmeldung nicht moeglich! Tastatur geht nicht.
    Plagegeister aller Art und deren Bekämpfung - 13.07.2013 (25)
  6. Win7 herunterfahren Button reagiert nicht, strg+alt+entf geht nicht mehr & cmd.exe geht nicht auf
    Plagegeister aller Art und deren Bekämpfung - 15.12.2011 (25)
  7. Problem! Kabel-Internet geht nicht, WLAN geht!
    Plagegeister aller Art und deren Bekämpfung - 16.08.2010 (1)
  8. Braviax entfernt - login mit sofortigem logout
    Plagegeister aller Art und deren Bekämpfung - 06.10.2009 (2)
  9. figaro.sys, beep.sys, braviax.exe, wisdstr.exe Befall
    Plagegeister aller Art und deren Bekämpfung - 03.09.2009 (15)
  10. Trojaner Flut ist über meinen Rechner geschwappt! braviax.exe, Rootkin.gen & co.
    Plagegeister aller Art und deren Bekämpfung - 27.08.2009 (42)
  11. Firefox, opera, internet explorer geht nicht, aber ICQ geht
    Netzwerk und Hardware - 05.08.2009 (9)
  12. Firefox geht nicht,ICQ geht??
    Alles rund um Windows - 07.02.2009 (3)
  13. Problem mit Braviax exe
    Plagegeister aller Art und deren Bekämpfung - 19.08.2008 (29)
  14. Internet geht auf einem PC nicht mehr, Laptop (am gleichen Router angeschlossen) geht
    Plagegeister aller Art und deren Bekämpfung - 04.12.2007 (0)
  15. Maus geht nicht mehr java geht nicht mehr...
    Log-Analyse und Auswertung - 05.09.2007 (3)
  16. Internet geht mal und mal geht es nicht
    Log-Analyse und Auswertung - 24.08.2007 (3)
  17. Firewall geht nicht und Internet geht nur manchmal
    Log-Analyse und Auswertung - 29.07.2007 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema braviax.exe geht nicht weg ;-( - oioioi... das ist aber viel stoff. XD das mit den kursen hört sich ziemlich interessant an, weiß aber nicht ob ich die ausreichende zeit dafür finde... bei mir zieht sich - braviax.exe geht nicht weg ;-(...
Archiv
Du betrachtest: braviax.exe geht nicht weg ;-( auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131