Hallo!
Ich habe seit ca 3 Tagen ein Virenprobelm und zwar werde ich bei Googlesuchen, wenn ich auf die resultate klicke, zu einer Seite topwebsearch.biz umgeleitet. Natürlich sofort Spybot drüberlaufen gelassen und der hat den Trojaner Virtumonde.sdn gefunden und anscheinend auch gelöscht. Jedoch besteht das problem noch immer. Also hab ich MBAM drüberlaufen lassen und Auch schon mal mit RSIT ein Log erstellt. Es wäre nett wenn ihr mein System säubern könntet, da ich keine Möglichkeit zur Neuinstallation habe . Hier Nun die Logs:
MBAM:

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes' Anti-Malware 1.43
Datenbank Version: 3503
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18865

09.01.2010 10:47:53
mbam-log-2010-01-09 (10-47-53).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 501433
Laufzeit: 15 hour(s), 22 minute(s), 51 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
C:\Windows\System32\csrsrv32.dll (Trojan.Tracur) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: c:\windows\system32\csrsrv32.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Tracur) -> Data: system32\csrsrv32.dll -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Windows\System32\csrsrv32.dll (Trojan.Tracur) -> Delete on reboot.
C:\Users\Pol\AppData\Local\Temp\B8B6.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Pol\AppData\Local\Temp\CA60.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Pol\Documents\LimeWire\Saved\uk2000 gatwick xtreme crack 100% working cracked release by Under SEH Team\patch.[Under SEH Team].exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Users\Pol\Documents\LimeWire\Saved\uk2000 gatwick xtreme crack 100% working cracked release by Under SEH Team\setup.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
         

RSIT info.txt:

Code: Alles auswählenAufklappen

ATTFilter

info.txt logfile of random's system information tool 1.06 2010-01-09 10:52:54

======Uninstall list======

-->MsiExec /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
ACDSee 8-->MsiExec.exe /I{AA2E6BFE-4351-481C-A720-47CB3506570B}
Acer Arcade Live Main Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\SETUP.exe"  -uninstall
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c  -removeonly
Acer ePerformance Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}\setup.exe" -l0x40c  -removeonly
Acer eSettings Management-->"C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -runfromtemp -l0x040c -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9  -removeonly
Acer SlideShow DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41581EF5-45A7-11DA-9D78-000129760D75}\SETUP.exe"  -uninstall
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c  -removeonly
Aces High-->D:\ACESHI~1\UNWISE.EXE D:\ACESHI~1\INSTALL.LOG
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
ActiveSky Version 6 and ActiveSky Graphics-->MsiExec.exe /X{6C06AC26-DBD1-46E5-9863-33E7633566E5}
Ad-Aware-->"C:\ProgramData\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
Addictive Drums Demo-->C:\Windows\unvise32.exe D:\XLN Audio\Addictive Drums Demo\uninstal.log
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\5f143314a5d434c8511097393d17397\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{29F05234-DCBB-4FE0-88DC-5160C9250312}
Adobe Reader 8.1.6 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Setup-->MsiExec.exe /I{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}
Adobe Shockwave Player 11.5-->C:\Windows\system32\Adobe\uninstaller.exe
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
aerosoft's - Carenado Cessna 206-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57F7B268-F252-450A-BA96-675F14760CAB}\Setup.exe"  -uninst 
aerosoft's - German Aiports 4 - Version 3.2 Update - FS2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B0000B7-89C7-49FD-B9CC-139CA2456822}\Setup.exe"  -uninst 
aerosoft's - German Airports 2 - Cologne-Bonn  - FS2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{46464A5D-7D14-41E3-9C26-E3C186F37D84}\Setup.exe"  -uninst 
aerosoft's - German Airports 2 - Dortmund-->C:\Program Files\InstallShield Installation Information\{3ABDFABB-FA48-4BCA-9ECC-3EFC1E5143D2}\setup.exe -runfromtemp -l0x0007 -uninst -removeonly
aerosoft's - German Airports 3 - FS2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECE1939E-3491-409E-87B7-E7DF65E7B909}\Setup.exe"  -uninst 
aerosoft's - German Airports 3 - Hamburg-->C:\Program Files\InstallShield Installation Information\{D234EAC0-7D49-492F-97EC-8FA09FD7C1C4}\setup.exe -runfromtemp -l0x0007 -removeonly
aerosoft's - German Airports 4 - FS2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{674D3526-6B4F-468A-9802-1130A39B1562}\Setup.exe"  -uninst 
aerosoft's - London Heathrow 2008-->C:\Program Files\InstallShield Installation Information\{C0A6901F-C919-47A3-A4D9-E2056314086B}\setup.exe -runfromtemp -l0x0007 -uninst -removeonly
aerosoft's - Madrid 2008-->C:\Program Files\InstallShield Installation Information\{0FC39141-1BB8-4C29-9D74-A6710131B74F}\setup.exe -runfromtemp -l0x0007 -uninst -removeonly
aerosoft's - Mega Airport Frankfurt - FS2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34BDC9DA-9320-491C-AA40-B0D98A0EBA9C}\Setup.exe"  -uninst 
aerosoft's - Mega Airport Paris CDG-->C:\Program Files\InstallShield Installation Information\{51D199F4-5593-4BC9-B2A5-BB1CDE0C894A}\setup.exe -runfromtemp -l0x0007 -removeonly
aerosoft's - Scenery Germany - Bremen-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19590C2B-8710-4DEB-BEC9-75491179BE7D}\Setup.exe"  -uninst 
aerosoft's - Scenery Germany 3 - FS2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48209CA1-7163-43AB-B55C-23C3BB431CFA}\Setup.exe"  -uninst 
AFG Pilatus PC-12, Executive Version-->MsiExec.exe /X{02D86680-B4B2-4EB4-AAE7-3E6D8A76D919}
Age of Mythology - The Titans Expansion-->"D:\Microsoft Games\Age of Mythology\UNINSTXP.EXE" /runtemp /addremove
Age of Mythology-->"D:\Microsoft Games\Age of Mythology\UNINSTAL.EXE" /runtemp /addremove
AGEIA PhysX v7.07.24-->MsiExec.exe /X{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}
AH Hurricane for Fs2004-->D:\Microsoft Games\Flight Simulator 9\Uninstal.exe
Airport-Control 2.0.4-->"D:\Airport-Control\unins000.exe"
America's Army 3 Dedicated Server-->"D:\Steam\steam.exe" steam://uninstall/13180
America's Army Deploy Client-->MsiExec.exe /I{6D6204C8-6B1D-4FBA-ADA9-CB6DFF9BF80D}
America's Army-->MsiExec.exe /I{D873FA4B-C374-4F8A-8D9A-130DB56FAB16}
AnalogX Vocal Remover-->D:\REAPER\Plugins\FX\AnalogX\VocalRemover\vremu.exe
Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ASIO4ALL-->D:\ASIO4ALL v2\uninstall.exe
ASRC-->MsiExec.exe /I{D29D8FBE-A510-4071-834B-ADBB4C5C475C}
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
ATCsimulator2 by AEROSOFT Corporation-->C:\WINDOWS\st6unst.exe -n "D:\ATCsimulator2\ST6UNST.LOG"  
Audacity 1.2.6-->"D:\Audacity\unins000.exe"
AutoIt v3.3.0.0-->D:\AutoIt3\Uninstall.exe
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Babylon-->D:\Babylon\Babylon-Pro\Utils\uninstbb.exe
Black and White-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}\Setup.exe" 
Blender (remove only)-->"D:\Blender\uninstall.exe"
Boeing 737 Fuel Planner-->D:\Microsoft Games\Flight SImulator 9\Uninstal.exe
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Borland Delphi 7-->MsiExec.exe /I{72263053-50D1-4598-9502-51ED64E54C51}
BVE Uchibo Line-->MsiExec.exe /I{9BD8D527-A96C-46DB-B076-48D34189B372}
CamSpace-->D:\CamSpace\uninstall.exe
Camtasia Studio 3-->D:\TechSmith\Camtasia Studio 3\CSuninst.EXE
capella start 6.0-->MsiExec.exe /I{21A56373-3FCA-47D1-9F6A-EC4EDC937545}
CARENADO PA-34 200T SENECA II FS9-->D:\Microsoft Games\Flight Simulator 9\Unin Seneca.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{FA3A247D-437A-455E-A88F-7EB6E5F9E799}
CCleaner-->"D:\CCleaner\uninst.exe"
Cheat Engine 5.5-->"D:\Cheat Engine\unins000.exe"
Cirrus SR20 V2 Six by GK-->"D:\Microsoft Games\Flight Simulator 9\Uninstall.exe" "D:\Microsoft Games\Flight Simulator 9\install.log"
Claustrosphere 1.0-->"D:\Claustrosphere\unins000.exe"
Consolas Font Family-->MsiExec.exe /I{6AE22174-4FFA-4572-B692-31F0C386ED38}
Crazy Machines II-->MsiExec.exe /X{112B0ED9-57F8-4883-8E6A-5BEAABDABBC1}
Cucusoft YouTube Mate 7.17-->"D:\YouTube-Mate\unins000.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
Easy Clearance 3 3.3.1.0574-->D:\Easy Clearance 3\EC3 Uninstall.exe
EuroScope 3.1-->MsiExec.exe /I{76811F44-3A1E-4C51-A386-0EEEEC7E72FE}
FileZilla Client 3.0.11-->D:\FileZilla FTP Client\uninstall.exe
Finale NotePad 2008-->d:\Finale NotePad 2008\uninstallNP.exe
Firebird 2.1.0.16780 (Win32)-->"C:\Program Files\Firebird\Firebird_2_1\unins000.exe"
Flight Simulator 2004 BGLComp SDK-->MsiExec.exe /I{12BE408B-65A7-4A5E-90BC-28965F7F08C9}
Flight Simulator 2004 MakeMDL SDK-->MsiExec.exe /I{C930AEE5-A589-4641-B7A6-9542DD9BADFC}
Flight Strip Tool - IVAO EDGG_NW_CTR 1.2-->D:\Flight Strip Tool - IVAO\Uninstall EDGG_NW_CTR.exe
Flight Strip Tool - IVAO v.2.0.1.4428-->D:\Flight Strip Tool - IVAO\Uninstall FST.exe
Follow Me Multiplayer-->D:\Microsoft Games\Flight Simulator 9\Uninstal.exe
FPtoFMC 1.0.17-->"D:\FPtoFMC\unins000.exe"
Fraps (remove only)-->"D:\Fraps\uninstall.exe"
Freedom Fighters-->D:\EAGAME~1\FREEDO~1\UNWISE.EXE D:\EAGAME~1\FREEDO~1\INSTALL.LOG
FreeZ-->D:\Microsoft Games\Flight Simulator 9\FreeZ_Uninstall.exe
Frets On Fire-->"D:\Frets on Fire\Uninstall.exe"
Fritz und Fertig 2-->MsiExec.exe /X{F2EA4729-0B23-4B1E-A98B-DFCBAAC52887}
FS Flight Keeper-->MsiExec.exe /I{E156C1B8-19A7-41DD-B546-67107E0EC6E3}
FS Recorder 1.32 for FS2004-->MsiExec.exe /X{3EE09884-34CC-46EA-B316-5ECB0427E4C7}
FS Texture Converter-->D:\FSTEXT~1\UNWISE.EXE D:\FSTEXT~1\INSTALL.LOG
FS Water-->C:\Windows\iun6002.exe "D:\Microsoft Games\Flight Simulator 9\FSWater_10.ini"
FS2004 Night Time-->MsiExec.exe /I{11A8A988-19DD-4878-B146-D0E50C5838D5}
FS9-->%windir%\system32\sdbinst.exe -u "C:\Windows\AppPatch\Custom\{304c437b-71f2-4394-b78b-63040d483a75}.sdb"
FSacars-->MsiExec.exe /I{FFC78FC9-2FE6-4648-BFEB-446C61C2D61E}
FSDreamTeam Geneva FS9 1.1-->"D:\Microsoft Games\Flight Simulator 9\unins002.exe"
FSDreamTeam JFK FS9 1.0.2-->"D:\Microsoft Games\Flight Simulator 9\unins000.exe"
FSDreamTeam Ohare9 1.1.1-->"D:\Microsoft Games\Flight Simulator 9\unins001.exe"
FSFDT FSCopilot-->D:\FSFDT\uninstallFSCopilot.exe
FSFDT FSInn-->D:\FSFDT\uninstallFSInn.exe
FSMap-->MsiExec.exe /I{E1ED340E-329C-4EDE-BF9E-F1B91F03368A}
FSNavigator-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F76FF6D-B992-4FD9-8686-F09F868B2C58}\Setup.exe" -l0x9 
FSRepaint V2.10 Demo-->MsiExec.exe /I{C6CAE267-995E-4200-88F6-1D087A565F2D}
Game Develop 1.1-->"D:\Compil Games\Game Develop\unins000.exe"
Garmin G1000 for Microsoft Flight Simulator-->MsiExec.exe /I{5293CD0A-BED0-46D9-81F7-F19C4A8C3810}
Ghost Recon Advanced Warfighter-->C:\Program Files\InstallShield Installation Information\{EFC97089-04D6-42CE-A707-A343B4A7D2CD}\setup.exe -runfromtemp -l0x0007 -removeonly
GIMP 2.6.4-->"D:\GIMP-2.0\setup\unins000.exe"
Gmax Academy Mirage 2000C-->D:\Microsoft Games\Flight Simulator 9\Uninstal.exe
gmax-->MsiExec.exe /X{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}
Gndmaker-->MsiExec.exe /I{CD262F2C-E985-4A55-86D7-C677CAFF6DBB}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google*Earth-->MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
GPL Ghostscript 8.70-->D:\GhostScript\uninstgs.exe "D:\GhostScript\gs8.70\uninstal.txt"
Ground Environment Professional-->D:\Flight One Software\GEProUninstal.exe
Ground2K4-->C:\Windows\IsUninst.exe -fD:\Ground2K4\Uninst.isu
GTK+ Runtime 2.14.7 rev a (nur entfernen)-->D:\Common Files\GTK\2.0\uninst.exe
Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"
HijackThis 2.0.2-->"D:\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB945282)-->C:\Windows\system32\msiexec.exe /package {D5A7D7AB-3093-3619-9261-74DB250ECF7B} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB946040)-->C:\Windows\system32\msiexec.exe /package {D5A7D7AB-3093-3619-9261-74DB250ECF7B} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB946308)-->C:\Windows\system32\msiexec.exe /package {D5A7D7AB-3093-3619-9261-74DB250ECF7B} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB947540)-->C:\Windows\system32\msiexec.exe /package {D5A7D7AB-3093-3619-9261-74DB250ECF7B} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB947789)-->C:\Windows\system32\msiexec.exe /package {D5A7D7AB-3093-3619-9261-74DB250ECF7B} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB948127)-->C:\Windows\system32\msiexec.exe /package {D5A7D7AB-3093-3619-9261-74DB250ECF7B} /uninstall  /qb+ REBOOTPROMPT=""
HP Print Diagnostic Utility-->MsiExec.exe /I{5E06C076-E4E7-4239-A886-B3D8AC84C166}
HydraIRC-->"D:\HydraIRC\uninstall.exe"
ICQ 6.5 Build #1042 Banner Remover 1.2-->"D:\ICQ-Banner-Remover\unins000.exe"
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
iFly 747-400 Service Pack 3-->MsiExec.exe /I{73C59104-74E1-453B-9813-1D05F5AF4CBE}
iFly 747-400-->MsiExec.exe /I{CD5EDC95-46C4-4008-8513-3BA826EAC374}
IL-2 Sturmovik: Forgotten Battles-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3} /l1036 
ImageSkill Background Remover 2(remove only)-->"C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\ImageSkill\Background Remover\uninstall.exe"
Inkscape 0.46-->d:\Inkscape\Uninstall.exe
InnoTek VirtualBox-->MsiExec.exe /I{B59FE77B-738F-4F1C-AB48-3104895AF676}
INSPECTOR-->C:\Program Files\InstallShield Installation Information\{E2A92E7F-8039-4FA8-8334-B751B3724FB8}\setup.exe -runfromtemp -l0x0009 -removeonly
Install Creator-->D:\Install Creator\Uninstal.exe
iPhone-Konfigurationsprogramm-->MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1}
IrfanView (remove only)-->D:\IrfanView\iv_uninstall.exe
iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}
IvAc v1.1.12 (b183)-->"C:\Program Files\IVAO\IvAc\unins000.exe"
IvAe v1.0.4 (b322)-->"D:\IvAe\unins000.exe"
IvAi v1.0.0 b150-->"D:\IvAi\unins000.exe"
IvAp v1.3.8 (b2150)-->"C:\Program Files\IVAO\IvAp\unins000.exe"
Jahplayer-->D:\Jahplayer\uninst-jahplayer.exe
Jahshaka-->D:\Jahshaka\uninst-jahshaka.exe
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Knights Of Honor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7911C404-9AFA-4BB2-B9B7-E47423D87528}\setup.exe" -l0x7 
KraMixer DJ Software 1.0.3.3-->"D:\KraMixer\unins000.exe"
L&H TTS3000 Deutsch-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\LHTTSGED.inf, Uninstall
Landscape Germany Landclass-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF7362B6-BD39-4848-A991-3BA4319444AC}\Setup.exe" 
Landscape Germany Mesh-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93E61AF4-29C4-11D9-A9CC-0080AD30B67D}\Setup.exe" 
Landscape Germany Rivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C87E5016-201A-11D9-A9CC-0080AD30B67D}\Setup.exe" 
LastChaos-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99A37AC7-E724-4621-B167-500B5A52B69C}\setup.exe" -l0x9  -removeonly
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\tv_enua.inf, Uninstall
Level-D Simulations 767-300 Update-->C:\Windows\iun6002.exe "D:\Microsoft Games\Flight Simulator 9\763v21.ini"
Level-D Simulations 767-300-->C:\Windows\iun6002.exe "D:\Microsoft Games\Flight Simulator 9\763v2.ini"
LevelR-->MsiExec.exe /I{17E864E1-AB1A-4D8D-891D-4A5B64C2A4B9}
LimeWire 5.3.6-->"D:\LimeWire\uninstall.exe"
LineIn plugin for WinAMP v1.80 (remove only)-->"D:\Winamp\Plugins\uninstlinein.exe"
Logbuch 1.2-->D:\Logbuch\uninst.exe
Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech QuickCam-->MsiExec.exe /X{31C50740-FC5A-4C6C-B91B-E3B5DFADC824}
Logitech Video Enumerator-->MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
LogMeIn Hamachi-->C:\Windows\system32\\msiexec.exe /i {067EC517-9731-43FD-B4D5-296EE0027BBB} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{067EC517-9731-43FD-B4D5-296EE0027BBB}
London Control-->MsiExec.exe /I{E2F1B35F-7C8A-41F4-8248-F5CF9ABD7261}
LuxRender-->"D:\LuxRender v0.5\uninstall.exe"
Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
MagicDisc 2.7.106-->D:\MAGICD~1\UNWISE.EXE D:\MAGICD~1\INSTALL.LOG
MAGIX Foto Manager-->D:\Foto_Manager\instslct.exe
MAGIX music maker 2006-->D:\MusicMaker2006\instslct.exe
MAGIX Music Manager-->D:\Music_Manager\instslct.exe
MAGIX Online Druck Service-->C:\PROGRA~1\MAGIXO~1\\UNWISE.EXE C:\PROGRA~1\MAGIXO~1\\INSTALL.LOG
Malwarebytes' Anti-Malware-->"D:\Malwarebytes' Anti-Malware\unins000.exe"
Maps2Bgl 1.8b Beta FS9/FSX-Version-->"D:\Maps2Bgl\unins000.exe"
Matrix Flight Planner-->MsiExec.exe /I{16DF352C-70D0-4AE3-BAF8-328C25E62A33}
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Mediachase Screen Capture-->MsiExec.exe /I{FDEC8D4C-FF2B-4F10-BF1E-4AEDCB98D4A9}
Messenger Plus! Live-->"D:\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Application Compatibility Toolkit 5.0-->MsiExec.exe /X{BBB3F622-D848-4CDA-B282-CC53627432F0}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt-->"D:\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove
Microsoft Flight Simulator 2004 gmax SDK-->MsiExec.exe /I{C02567F1-EC4F-4A58-8D1B-473A73B475D2}
Microsoft Flight Simulator 2004 Terrain SDK-->MsiExec.exe /I{424D5482-331D-4606-A770-DD4D17A6938E}
Microsoft Flight Simulator SimConnect Client v10.0.60905.0-->MsiExec.exe /I{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}
Microsoft Flight Simulator X Demo-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{B98A34C0-A6A2-4087-B272-557C1C6D0A07} 
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Speech Recognition Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\mscsrgpc.inf, Uninstall.NT
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server 2008 Management Objects-->MsiExec.exe /I{F5E87B12-3C27-452F-8E78-21D42164FD83}
Microsoft SQL Server Compact 3.5 Design Tools DEU-->MsiExec.exe /X{E32260E7-0B10-43C7-9B77-AB9F4184676D}
Microsoft SQL Server Compact 3.5 DEU-->MsiExec.exe /I{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}
Microsoft Virtual PC 2007-->MsiExec.exe /X{8A7CAA24-7B23-410B-A7C3-F994B0944160}
Microsoft Visual C# 2008 Express Edition - DEU-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual C# 2008 Express Edition - DEU\setup.exe
Microsoft Visual C# 2008 Express Edition - DEU-->MsiExec.exe /X{52061908-F94F-3D78-AA50-B956039C845D}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual C++ 2008 Express Edition with SP1 - DEU\setup.exe
Microsoft Visual C++ 2008 Express Edition with SP1 - DEU-->MsiExec.exe /X{D5A7D7AB-3093-3619-9261-74DB250ECF7B}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu-->MsiExec.exe /X{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32-->MsiExec.exe /X{044F9133-B8D7-4d11-BF39-803FA20F5C8B}
Microsoft Word 2002-->MsiExec.exe /I{911B0407-6000-11D3-8CFE-0050048383C9}
Microsoft Works Suite-Add-Ins für Microsoft Word-->MsiExec.exe /I{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}
Microsoft Works-->MsiExec.exe /I{5B680750-760B-49E4-81E7-21B2B337F9F7}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Microsoft XNA Framework Redistributable 3.0 (CTP)-->MsiExec.exe /I{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}
Microsoft XNA Game Studio 3.0 (CTP) (ARP entry)-->MsiExec.exe /I{E1D78366-91DA-4AD0-B417-28155743CC22}
Microsoft XNA Game Studio 3.0 (CTP) (Redists)-->MsiExec.exe /I{0DC16794-7E69-4534-82FA-9DD0500FF338}
Microsoft XNA Game Studio 3.0 (CTP) (shared components)-->MsiExec.exe /I{AF9BDE67-11A5-449A-B9F0-BE572A093DDB}
Microsoft XNA Game Studio 3.0 (CTP) (vcsexpress)-->MsiExec.exe /I{3BA37E38-B53D-4520-B8DA-1DD62AD3A74E}
Microsoft XNA Game Studio 3.0 (CTP) (xnaliveproxy)-->MsiExec.exe /I{DFB81F19-ED3A-4DA5-AFE4-1B999E2A8DC5}
Microsoft XNA Game Studio 3.0 (CTP) Documentation-->MsiExec.exe /I{7FD30AE7-281D-455F-AF9F-0C6C5E334EAD}
Microsoft XNA Game Studio 3.0 (CTP)-->C:\Program Files\Microsoft XNA\XNA Game Studio\v3.0\Setup\Bootstrapper.exe
Mise à jour Microsoft Office Excel 2007 Help  (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help  (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.7)-->D:\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.22)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser und SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
msxml4-->MsiExec.exe /X{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
Nmap 4.85BETA7-->"D:\Nmap\uninstall.exe"
No23Live-->MsiExec.exe /X{FA04D378-5E12-4772-A194-870FF0F83C23}
Notepad++-->d:\Notepad++\uninstall.exe
NTI Backup NOW! 4.7-->C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe -runfromtemp -l0x040c
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
NVIDIA Drivers-->C:\Windows\system32\nvunrm.exe UninstallGUI
Nvu 1.0-->d:\Nvu\unins000.exe
Oblivion - Knights of the Nine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14C87AA7-08E6-419F-A165-998EBE5023D7}\setup.exe" -l0x9  -removeonly
Oblivion - Spell Tomes-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}\setup.exe" -l0x9  -removeonly
Oblivion - Wizard's Tower-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F2E3D62-8B8C-448F-8900-451325E50948}\setup.exe" -l0x9  -removeonly
Oblivion-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x7  -removeonly
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenLibraries-->d:\OpenLibraries\uninst-openlibraries.exe
Opera 9.62-->MsiExec.exe /X{D9226EB1-C528-48AC-B423-BD9240E1F60B}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Overland - MD-11 Free Aircraft for FS2004-->MsiExec.exe /I{D6360518-AE17-4195-BA1C-5887C1DFDAFE}
PanoramaStudio 1.6SE (deinstallieren)-->"D:\PanoramaStudioSE\uninstall.exe"
Passwort-Spion-->"C:\Windows\UNISTB32.EXE" /U "D:\Passwort_Spion\UNINST.IS0" "D:\Passwort_Spion\UNINST.IS1"
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
pdfforge Toolbar v1.0-->MsiExec.exe /X{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}
PFPortChecker 1.0.28-->D:\PFPortChecker\uninst.exe
Picasa 3-->"C:\Program Files\Picasa2\Uninstall.exe"
PicNic-->D:\PicNic\Uninstal.exe
PictureResizer-->d:\Picture\Uninstall.exe
Pidgin-->D:\Pidgin\pidgin-uninst.exe
Pingus-->D:\Pingus\Uninstall.exe
PMDG MD-11 FS9-->C:\Program Files\InstallShield Installation Information\{8BA8CE06-0C92-4A44-9924-2614DCD77F20}\setup.exe -runfromtemp -l0x0009 -removeonly
PMDGMD11_FS9_GEF_LHF-->C:\Program Files\InstallShield Installation Information\{13D02E8A-E73B-409B-BA87-C3457483F100}\setup.exe -runfromtemp -l0x0009 -removeonly
PokerTH-->D:\PokerTH\uninstall.exe
PowerISO-->"D:\PowerISO\uninstall.exe"
proDAD Vitascene c't-Edition 1.0-->"D:\proDAD\Vitascene-1.0\uninstall.exe" uninstall spcp PATHVERSION 1.0 MAINNAME Vitascene
Programme de gestion Camera de Logitech®-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PSPad editor-->"D:\PSPad editor\Uninst\unins000.exe"
PSS Boeing 777 Multipack-->C:\Windows\iun6002.exe "D:\Microsoft Games\Flight Simulator 9\pss777_irunin.ini"
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}
Qtpfsgui 1.9.2-->"D:\Qtpfsgui\unins000.exe"
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Ray Adams ATI Tray Tools-->"C:\Program Files\Ray Adams\ATI Tray Tools\uninstall.exe"
Real Environment Xtreme FS2004-->MsiExec.exe /I{46559469-7C15-49F4-BB76-21480BE1BEF4}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
REAPER-->"D:\REAPER\Uninstall.exe"
Re-Mission-->C:\Program Files\InstallShield Installation Information\{ECE153E7-AC17-4468-B21F-07B8D5AF7D36}\setup.exe -runfromtemp -l0x040c -removeonly
Remove UK2000 Gatwick Xtreme files-->C:\Windows\iun506.exe D:\Microsoft Games\Flight Simulator 9\UK2000 scenery\UK2000 Gatwick Xtreme\irunin.ini
RouteBuilder 1.4-->D:\RouteBuilder\unins000.exe
Sam and Max - Season One - Sam and Max Episode 104 - Abe Lincoln Must Die!-->D:\Sam and Max - Season One\Uninstall Episode 104 - Abe Lincoln Must Die.exe
SAM Broadcaster (remove only)-->"D:\SpacialAudio\SAMBC\uninstall.exe"
SaveYourFlight 3.0-->"D:\SaveYourFlight\unins000.exe"
SciTE4AutoIt3 20-12-2008-->D:\AutoIt3\SciTE\uninst.exe
screenPusher 1.3-->"D:\Screenpusher\unins000.exe"
Seagull Air Cessna C172 SP-->D:\Microsoft Games\Flight Simulator 9\Uninstal_SGA-C172.exe
Sector Pro Beta 1.4-->C:\WINDOWS\st6unst.exe -n "D:\SCTProo\ST6UNST.LOG"  
Secunia PSI-->"D:\Secunia\PSI\uninstall.exe"
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Serif DrawPlus 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047FC29C-5D16-4D80-9CCE-2A773E18D2EC}\Setup.exe" -l0x9 
Setup-Start von Microsoft Works 2004-->C:\Program Files\Microsoft Works Suite 2004\Setup\Launcher.exe /ARP E:\
SHOUTcast DNAS (remove only)-->"D:\SHOUTcast\uninst-dnas.exe"
SHOUTcast Source DSP 1.9.0 (remove only)-->D:\Winamp\uninst-dsp.exe
Simon Bergner´s ATC Simulator-->MsiExec.exe /I{EA312C43-6187-11D8-AEFD-00A0CC5F5288}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SmartFlight Beta-->"C:\Windows\SmartFlight Beta\uninstall.exe" "/U:D:\SmartFlight Beta\Uninstall\uninstall.xml"
smartmontools-->"D:\smartmontools\uninst-smartmontools.exe"
SnowBound Online-->"D:\SnowBoundOnline\unins000.exe"
Sony Vegas Pro 8.0-->MsiExec.exe /X{ECCA3728-2753-4C3A-8608-5A41C4AEBDB7}
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Spybot - Search & Destroy-->"D:\Spybot - Search & Destroy\unins000.exe"
SQL Server System CLR Types-->MsiExec.exe /I{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Stearman and Eagle Field Scenery for FS2004-->D:\Microsoft Games\Flight Simulator 9\Uninstal.exe
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
System Requirements Lab-->MsiExec.exe /I{1E99F5D7-4262-4C7C-9135-F066E7485811}
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
TeamSpeak 2 Server RC2-->"D:\Teamspeak2_RC2Serv\unins000.exe"
TeamSpeak 3 Client-->"D:\TeamSpeak 3 Client\uninstall.exe"
TeamViewer 4-->C:\Program Files\TeamViewer3\uninstall.exe
TerraBuilder LITE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D325DEC-545A-475C-BBE8-E453B98D436D}\Setup.exe" 
Terragen 2 Deep Edition-->MsiExec.exe /I{A892C5E6-B04D-4CAB-95DA-A52038B97B01}
Terragen 2 Free Edition-->MsiExec.exe /I{BD8D42DC-02C9-47D0-99A3-7BF92E809D9C}
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
TIPP10 Version 2.0.3-->"d:\Tipp10\unins000.exe"
TmNationsForever-->"D:\TmNationsForever\unins000.exe"
Tom Clancy's H.A.W.X-->"C:\Program Files\InstallShield Installation Information\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}\setup.exe" -runfromtemp -l0x0007 -removeonly
TS-Noise 1.0.4-->"D:\TS-Noise\unins000.exe"
Tucan Manager 0.3.8-->"D:\Tucan\unins000.exe"
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
TuxGuitar-->D:\tuxguitar-1.1\uninstall.exe
TVAnts 1.0-->D:\TVAnts\UNWISE.EXE D:\TVAnts\INSTALL.LOG
TV-Browser 2.7.1-->D:\TV-Browser\Uninstall.exe
twibble-->msiexec /qb /x {EA0C1D8C-B5C9-29C9-778C-E7666A5DAFB0}
twibble-->MsiExec.exe /I{EA0C1D8C-B5C9-29C9-778C-E7666A5DAFB0}
Ubuntu-->D:\ubuntu\uninstall-wubi.exe
Ultimate Terrain - Europe-->D:\Microsoft Games\Flight Simulator 9\Europe_Uninstall.exe
UltraMon-->MsiExec.exe /I{CC15A5FC-B6D3-4A2D-8A26-D8F2702A3C00}
UltraStar Deluxe-->D:\UltraStar Deluxe\Uninstall.exe
Universal Extractor 1.6-->"D:\Universal Extractor\unins000.exe"
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
vasFMC 2.0a9-->"D:\vasfmc-2.0a9\unins000.exe"
VATroute 0.0.1.021 -->C:\Windows\uninstall\VATroute\setup.exe
VAT-Spy-->"D:\VATSpy\uninstall.exe"
VC Runtimes MSI-->MsiExec.exe /X{FF29527A-44CD-3422-945E-981A13584000}
VDrift (remove only)-->"D:\VDrift\uninstall.exe"
VegaStrike 5.0-->"D:\Vega Strike\Vegastrike-0.5.0\uninstall.exe"
Ventrilo-->D:\Ventrilo\UNWISE.EXE D:\Ventrilo\INSTALL.LOG
Version 1.0-->"D:\Real Environment Pro\unins000.exe"
Vintage Vocoder 1.02 Build 3-->"C:\Windows\th_inst2.exe" -u "D:\Sonicism Digital Audio Solutions\Vintage Vocoder\Uninstall0"
Virtual Audio Cable 4.9-->D:\Virtual Audio Cable\setup.exe -u
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
VLC media player 0.9.4-->d:\VLC\uninstall.exe
VRC-->"D:\VRC\uninstall.exe"
WarRock-->C:\Program Files\InstallShield Installation Information\{00D15456-F679-4AD4-8BD2-56450D4C3F72}\setup.exe -runfromtemp -l0x0009 -removeonly
Web CEO 7.7-->"D:\Web CEO\Uninstall\unins000.exe"
Winamp-->"D:\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Fotogalerie-->MsiExec.exe /X{2BA722D1-48D1-406E-9123-8AE5431D63EF}
Windows Live Mail-->MsiExec.exe /I{C4D738F7-996A-4C81-B8FA-C4E26D767E41}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live Movie Maker-->MsiExec.exe /X{3EFEF049-23D4-4B46-8903-4592FEA51018}
Windows Live Sync-->MsiExec.exe /X{76618402-179D-4699-A66B-D351C59436BC}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
winpcap-nmap 4.02-->"D:\WinPcap\uninstall.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Wireshark 1.0.7-->"D:\Wireshark\uninstall.exe"
XAcars for Microsoft Flightsimulator-->"D:\XAcars for MSFS\unins000.exe"
XChat 2 (remove only)-->"D:\xchat\uninstall.exe"
Xfire (remove only)-->"d:\Xfire\uninst.exe"
XNResourceEditor 3.0.0.1-->"D:\XN Resource Editor\unins000.exe"
X-treme King Air B200 v.2.0.1-->C:\Windows\iun6002.exe "D:\Microsoft Games\Flight Simulator 9\Aeroworx\B200\irunin.ini"
XviD MPEG-4 Codec-->"D:\XviD\UninstXviD.exe"
Yakovlev Yak-18T for FS9-->D:\Microsoft Games\Flight Simulator 9\Uninstal.exe
Yet Another Free RayTracer for Windows 0.0.9-->"C:\Program Files\YafRay\unins000.exe"

======Hosts File======

127.0.0.1    localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com

======Security center information======

AS: Lavasoft Ad-Watch Live! (disabled)
AS: Windows Defender (disabled)

======System event log======

Computer Name: PC-de-***
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
 Pour plus d’informations, consultez les données suivantes*:
Non applicable
 	ID d’analyse*: {847FBF0D-BBC3-4491-B323-56E266D27079}
  	Utilisateur*: PC-de-***\***
 	Nom*: Unknown
 	ID*: 
 	ID de gravité*: 
 	ID de catégorie*: 
 	Chemin d’accès trouvé*: driver:AtiDCM;file:C:\ATI\SUPPORT\8-9_vista32-64_ccc_lang2_68908\Bin\atidcmxx.sys
 	Type d’alerte*: Logiciel non classifié
 	Type de détection*: 
Record Number: 31753
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20080920060608.000000-000
Event Type: Avertissement
User: 

Computer Name: PC-de-***
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
 Pour plus d’informations, consultez les données suivantes*:
Non applicable
 	ID d’analyse*: {F17810DC-7998-478D-948C-938BEE8FD523}
  	Utilisateur*: PC-de-***\***
 	Nom*: Unknown
 	ID*: 
 	ID de gravité*: 
 	ID de catégorie*: 
 	Chemin d’accès trouvé*: regkey:HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC;runkey:HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC;file:C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
 	Type d’alerte*: Logiciel non classifié
 	Type de détection*: 
Record Number: 31758
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20080920060723.000000-000
Event Type: Avertissement
User: 

Computer Name: PC-de-***
Event Code: 5
Message: AMLI : le BIOS ACPI tente de lire une adresse de port E/S non autorisée (0x70) dans la gamme d'adresses protégées 0x70 - 0x71. Cela peut provoquer l'instabilité du système. Contactez le fabricant de votre ordinateur pour une assistance technique.
Record Number: 31780
Source Name: ACPI
Time Written: 20080920084530.702801-000
Event Type: Erreur
User: 

Computer Name: PC-de-***
Event Code: 4
Message: AMLI : le BIOS ACPI tente de lire à partir d'une adresse de port E/S non autorisée (0x71) dans la plage d'adresses protégées 0x70 - 0x71. Cela peut provoquer l'instabilité du système. Contactez le fabricant de votre ordinateur pour une assistance technique.
Record Number: 31781
Source Name: ACPI
Time Written: 20080920084530.765201-000
Event Type: Erreur
User: 

Computer Name: PC-de-***
Event Code: 6008
Message: L'arrêt système précédant à 10:33:12 le 20/09/2008 n'était pas prévu.
Record Number: 31785
Source Name: EventLog
Time Written: 20080920084558.000000-000
Event Type: Erreur
User: 

=====Application event log=====

Computer Name: PC-de-***
Event Code: 1000
Message: Application défaillante Explorer.EXE, version 6.0.6001.18164, horodatage 0x4907e242, module défaillant ntdll.dll, version 6.0.6001.18000, horodatage 0x4791a7a6, code d’exception 0xc0000005, décalage d’erreur 0x0004311a, ID du processus 0x1b4, heure de début de l’application 0x01ca8e28e4847008.
Record Number: 40097
Source Name: Application Error
Time Written: 20100105170248.000000-000
Event Type: Erreur
User: 

Computer Name: ***
         

RSIT log.txt:

Code: Alles auswählenAufklappen

ATTFilter

Logfile of random's system information tool 1.06 (written by random/random)
Run by *** at 2010-01-09 10:57:30
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 1
System drive C: has 45 GB (30%) free of 147 GB
Total RAM: 3070 MB (56% free)


======Scheduled tasks folder======

C:\Windows\tasks\1-Klick-Wartung.job
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
C:\Windows\tasks\User_Feed_Synchronization-{8190328B-4C7A-40AB-848F-8B7AF6505CB3}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{061D5F3F-9C8E-40AB-9964-ACCAFFC43B40}]
C:\Windows\System32\DLLPRJ3232.dll [2010-01-09 192000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-07-08 246800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-09-16 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}]
Babylon IE plugin - D:\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [2009-09-08 252816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-21 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-11-23 204048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-01-30 1114112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04 142896]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-11-23 204048]
{B922D405-6D13-4A2B-AE89-08A030DA4402}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-12-21 86016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-12-21 81920]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-10-11 4702208]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"snpstd"=C:\Windows\vsnpstd.exe [2005-10-11 339968]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-01-30 992256]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-11-02 520024]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"Babylon Client"=D:\Babylon\Babylon-Pro\Babylon.exe [2009-09-08 3730832]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
" Malwarebytes Anti-Malware  (reboot)"=D:\Malwarebytes' Anti-Malware\mbam.exe [2009-12-30 1389904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=D:\Malwarebytes' Anti-Malware\mbamgui.exe [2009-12-30 429392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883840]
"AtiTrayTools"=C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe [2008-07-24 564224]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]
"Steam"=d:\steam\steam.exe [2009-12-04 1217808]
"CamSpace"=D:\CamSpace\CamSpaceAgent.exe [2009-05-08 1404928]
"ICQ"=D:\ICQ6.5\ICQ.exe [2009-03-01 172792]
"DAEMON Tools Lite"=D:\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"SpybotSD TeaTimer"=D:\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
UltraMon.lnk - C:\Windows\Installer\{CC15A5FC-B6D3-4A2D-8A26-D8F2702A3C00}\IcoUltraMon.ico

C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
LimeWire On Startup.lnk - D:\LimeWire\LimeWire.exe
MagicDisc.lnk - D:\MagicDisc\MagicDisc.exe
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
twibble.lnk - D:\twibble\twibble.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\csrsrv32.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFolderOptions"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\xchat\xchat.exe"="D:\xchat\xchat.exe:*:Enabled:XChat IRC Client"
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption"
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\AutoRun\command - J:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
shell\AutoRun\command - K:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e87f17f3-d69a-11de-b31e-00218508ebb3}]
shell\AutoRun\command - J:\autorun.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-01-09 10:52:33 ----A---- C:\Windows\system32\1974.tmp
2010-01-09 10:50:44 ----A---- C:\Windows\system32\6F41.tmp
2010-01-09 10:49:48 ----D---- C:\rsit
2010-01-09 10:49:48 ----D---- C:\Program Files\trend micro
2010-01-09 06:48:42 ----A---- C:\Windows\system32\DLLPRJ3232.dll
2010-01-09 06:48:38 ----A---- C:\Users\***\AppData\Roaming\fnXkYWF.vbs
2010-01-08 16:18:42 ----A---- C:\Windows\system32\D3DCompiler_3832.dll
2010-01-08 16:18:35 ----A---- C:\Users\***\AppData\Roaming\a3KSGxR7Ng0w1.vbs
2010-01-08 16:17:04 ----A---- C:\Windows\system32\B477.tmp
2010-01-06 20:00:02 ----D---- C:\Users\***\AppData\Roaming\Malwarebytes
2010-01-06 19:59:42 ----D---- C:\ProgramData\Malwarebytes
2010-01-05 18:18:12 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-01-04 19:23:41 ----D---- C:\Users\***\AppData\Roaming\TS3Client
2009-12-22 17:24:49 ----D---- C:\ProgramData\WorldWindData
2009-12-21 17:41:50 ----A---- C:\Windows\IsUninst.exe
2009-12-21 13:59:31 ----A---- C:\Windows\system32\d3dx9.dll
2009-12-21 13:59:31 ----A---- C:\Windows\system32\D3DX81ab.dll
2009-12-11 16:31:57 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-11 16:31:56 ----A---- C:\Windows\system32\httpapi.dll
2009-12-10 14:44:49 ----A---- C:\Windows\system32\winhttp.dll
2009-12-10 14:44:45 ----A---- C:\Windows\system32\mshtml.dll
2009-12-10 14:44:44 ----A---- C:\Windows\system32\ieframe.dll
2009-12-10 14:44:43 ----A---- C:\Windows\system32\wininet.dll
2009-12-10 14:44:43 ----A---- C:\Windows\system32\urlmon.dll
2009-12-10 14:44:43 ----A---- C:\Windows\system32\occache.dll
2009-12-10 14:44:43 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-10 14:44:43 ----A---- C:\Windows\system32\iertutil.dll
2009-12-10 14:44:43 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-10 14:44:42 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-10 14:44:42 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-10 14:44:42 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-10 14:44:42 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-10 14:44:42 ----A---- C:\Windows\system32\ieui.dll
2009-12-10 14:44:42 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-10 14:44:42 ----A---- C:\Windows\system32\iesetup.dll
2009-12-10 14:44:42 ----A---- C:\Windows\system32\iernonce.dll
2009-12-10 14:44:42 ----A---- C:\Windows\system32\iepeers.dll
2009-12-10 14:44:42 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-10 14:43:49 ----A---- C:\Windows\system32\rastls.dll
2009-12-10 14:43:49 ----A---- C:\Windows\system32\raschap.dll

======List of files/folders modified in the last 1 months======

2010-01-09 10:57:35 ----D---- C:\Windows\Temp
2010-01-09 10:52:33 ----D---- C:\Windows\System32
2010-01-09 10:49:48 ----RD---- C:\Program Files
2010-01-09 10:48:31 ----D---- C:\Windows\Web
2010-01-09 10:48:31 ----D---- C:\Windows\system32\drivers
2010-01-09 08:29:18 ----D---- C:\Users\***\AppData\Roaming\Skype
2010-01-09 08:01:22 ----D---- C:\Users\***\AppData\Roaming\skypePM
2010-01-09 07:09:09 ----SHD---- C:\Windows\Installer
2010-01-09 07:09:02 ----D---- C:\Windows\system
2010-01-09 07:08:39 ----SHD---- C:\System Volume Information
2010-01-09 07:06:00 ----D---- C:\Windows\Downloaded Installations
2010-01-08 21:09:32 ----D---- C:\Windows\Tasks
2010-01-08 21:09:26 ----D---- C:\ProgramData\Google Updater
2010-01-08 17:48:10 ----D---- C:\Program Files\Teamspeak2_RC2
2010-01-06 19:59:42 ----D---- C:\ProgramData
2010-01-06 19:55:18 ----D---- C:\Windows\Minidump
2010-01-06 19:55:18 ----D---- C:\Windows\Debug
2010-01-06 19:55:18 ----D---- C:\Windows
2010-01-06 19:34:33 ----D---- C:\Users\***\AppData\Roaming\teamspeak2
2010-01-06 17:27:51 ----D---- C:\Program Files\Mozilla Firefox
2010-01-06 17:22:15 ----D---- C:\Windows\inf
2010-01-06 17:22:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-06 16:46:48 ----D---- C:\ProgramData\Babylon
2010-01-06 16:45:54 ----D---- C:\Users\***\AppData\Roaming\LimeWire
2010-01-05 15:04:37 ----D---- C:\Users\***\AppData\Roaming\FileZilla
2010-01-05 14:25:20 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-05 14:24:57 ----D---- C:\ProgramData\Media Center Programs
2010-01-03 14:18:31 ----D---- C:\Users\***\AppData\Roaming\Adobe
2010-01-02 08:45:45 ----RSD---- C:\Windows\Fonts
2010-01-01 19:34:26 ----AD---- C:\ProgramData\TEMP
2010-01-01 17:43:33 ----D---- C:\Program Files\pdfforge Toolbar
2009-12-23 08:29:06 ----D---- C:\Windows\system32\catroot2
2009-12-23 08:27:58 ----D---- C:\Program Files\McAfee
2009-12-21 23:18:45 ----D---- C:\Program Files\FS2004SDK
2009-12-21 15:42:50 ----D---- C:\Tmp
2009-12-19 19:35:27 ----D---- C:\ProgramData\TrackMania
2009-12-18 22:42:50 ----D---- C:\Program Files\Common Files\Thomas Molitor EDV Service
2009-12-18 08:41:49 ----D---- C:\Users\***\AppData\Roaming\Desktopicon
2009-12-16 09:06:00 ----D---- C:\Users\***\AppData\Roaming\Mozilla
2009-12-11 16:33:53 ----D---- C:\Windows\winsxs
2009-12-11 16:33:37 ----D---- C:\Windows\system32\catroot
2009-12-10 19:53:30 ----D---- C:\Windows\rescache
2009-12-10 19:35:46 ----D---- C:\Windows\system32\migration
2009-12-10 19:35:45 ----D---- C:\Windows\system32\fr-FR
2009-12-10 19:35:45 ----D---- C:\Program Files\Windows Mail
2009-12-10 19:35:45 ----D---- C:\Program Files\Internet Explorer
2009-12-10 17:43:20 ----D---- C:\ProgramData\Microsoft Help
2009-12-10 17:16:18 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 atitray;atitray; \??\C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2008-05-31 17952]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-09-16 214664]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-07-16 130424]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-03-14 46652]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2007-03-13 24512]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2009-07-16 229208]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R2 tvicport;tvicport; \??\C:\Windows\system32\drivers\tvicport.sys [2007-11-06 14544]
R2 UltraMonUtility;UltraMon Utility Driver; \??\C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [2008-09-14 10496]
R2 VirtualFD;VirtualFD; \??\D:\virtFloppyDisk\vfd.sys [2005-04-04 9887]
R2 zntport;zntport; \??\C:\Windows\system32\drivers\zntport.sys [2007-11-06 6080]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-01-14 4235776]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM); C:\Windows\system32\DRIVERS\vrtaucbl.sys [2009-11-14 50944]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-10-17 1971928]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2006-12-22 25632]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-09-16 79816]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-09-16 35272]
R3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-09-16 34248]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-09-16 40552]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-03-29 6144]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-09-10 1035168]
R3 NVHDA;Service for NVIDIA HDMI Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2007-07-16 30752]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-07-07 12032]
R3 snpstd;Trust Webcam 14823; C:\Windows\system32\DRIVERS\snpstd.sys [2006-05-03 390784]
R3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 VBoxUSBFlt;VirtualBox USB Filter Driver; C:\Windows\system32\DRIVERS\VBoxUSBFlt.sys [2007-03-13 18720]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 a9cr3443;a9cr3443; C:\Windows\system32\drivers\a9cr3443.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2006-12-22 1683232]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2006-12-22 1963680]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NCHSSVAD;SoundTap Recorder; C:\Windows\system32\drivers\nchssvad.sys [2008-08-15 27136]
S3 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-03-15 34064]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-12-21 7629632]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2008-12-10 7808]
S3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2008-07-17 28672]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 YMIDUSB;YAMAHA Corporation USB MIDI Driver; C:\Windows\System32\Drivers\ymidusb.sys [2003-01-22 169088]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2007-04-16 28672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-01-14 729088]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe [2007-10-16 81920]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-11-02 1028432]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 LVPrcSrv;Process Monitor; c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2006-12-22 109344]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-12-08 93320]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-07-09 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-09-16 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-07-08 26640]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-05-21 75064]
R2 TeamViewer4;TeamViewer 4; C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2008-12-15 185640]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2007-10-16 2711552]
R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
R3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-09-16 365072]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-09-16 606736]
S2 gupdate1c986253ad8f9e0;Google Update Service (gupdate1c986253ad8f9e0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-21 183280]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2006-12-22 105248]
S2 ThreatFire;ThreatFire; D:\ThreatFire\TFService.exe service []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-11 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-10-04 316664]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-08-23 361216]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]

-----------------EOF-----------------
         

P.S: Mein Computer ist auf Französich. Wenn ihr irgendwas nicht versteht übersetze ich es euch gerne

Hallo,

Du hast den Hauptpreis gewonnen! Eine komplette Neuinstallation.

Zitat:

C:\Users\Pol\Documents\LimeWire\Saved\uk2000 gatwick xtreme crack 100% working cracked release by Under SEH Team\patch.[Under SEH Team].exe (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Users\Pol\Documents\LimeWire\Saved\uk2000 gatwick xtreme crack 100% working cracked release by Under SEH Team\setup.exe (Trojan.Tracur) -> Quarantined and deleted successfully.

Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr.

Für Dich geht es hier weiter => Neuaufsetzen des Systems
Bitte auch alle Passwörter abändern (für E-Mail-Konten, StudiVZ, Ebay...einfach alles!) da nicht selten in dieser dubiosen Software auch Keylogger und Backdoorfunktionen stecken.

Danach nie wieder sowas anrühren!

Woher wusste ich, dass das noch ein Nachspiel haben würde (Wieso muss ich auch alles ausprobieren ...) Meine Frage jetzt: Wird mir nur neu Neuinstallation empfohlen,weil ihr mir keinen support mehr gibt oder ist da noch was zu retten ?

Hi,

sie wird dir einmal zu deinem besten und zweitens aus dem Grund, dass der Support des Trojaner-Board hiermit beendet ist, empfohlen. 99% der Cracks und Keygens usw. sind verseucht und außerdem illegal.
Liebe Grüße,
Moritz