|
Log-Analyse und Auswertung: IE8 - Popups nach install von "Keygen.Exterminate.It!.1.68.02.03.45057.exe"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
09.02.2010, 22:03 | #1 |
| IE8 - Popups nach install von "Keygen.Exterminate.It!.1.68.02.03.45057.exe"Hallo in die Runde, hatte urplötzlich "Relevant Knowledge" auf meinem PC. Wollte dieses schnell beseitigen. Nach div. google-Ergebnissen kam dann ein Hinweis zu "Exterminate It!" Dieses installiert und dann Ergebnis mit div. Meldungen (siehe PDF "exterminate it.zip"). Da die delete-Funktion nicht mit diesem Trial funktionierte, googlete ich schnell (und leider hirnlos ) den Activation-Key und fand "Keygen.Exterminate.It!.1.68.02.03.45057.exe". Ohne diese vorab zu prüfen führte ich die exe aus. Diese verschwand umgehend aus dem Speicherort und ward nicht mehr gesehen... Nun möchte ich Sicherheit haben, dass mein System wieder frei von Schadsoftware ist... Daher die Bitte an Euch Pros, meine Logfiles zu überprüfen. Habe Eure Anleitung befolgt und beginne nun zu posten: 1. CCleaner ist gelaufen: Windows:Alles analysiert & bereinigt Registry: Nach Fehler gesucht & alle Fehler (mehrfach) behoben. - Keine Fehler mehr vorhanden. 2. Ergebnis Malwarebytes: Malwarebytes' Anti-Malware 1.44 Datenbank Version: 3715 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 09.02.2010 21:56:03 mbam-log-2010-02-09 (21-56-03).txt Scan-Methode: Vollständiger Scan (C:\|D:\|) Durchsuchte Objekte: 423751 Laufzeit: 1 hour(s), 32 minute(s), 13 second(s) Infizierte Speicherprozesse: 1 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 3 Infizierte Registrierungswerte: 1 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 7 Infizierte Speicherprozesse: C:\WINDOWS\msa.exe (Trojan.Agent) -> Unloaded process successfully. Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\F5JMWNZTHI (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\ROUA3O12PW (Trojan.FakeAlert) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\f5jmwnzthi (Trojan.FakeAlert) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch.lnk (Rogue.Multiple) -> Quarantined and deleted successfully. C:\WINDOWS\inf\UltraMonMirror.inf (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\inf\UltraMonMirror.PNF (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\sshnas21.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. 3. Ergebnisse Randoms System Information Tool - folgen im nächten Eintrag: Lieben Dank für Euren Support!!! LG S. Geändert von Slash7 (09.02.2010 um 22:24 Uhr) |
09.02.2010, 22:28 | #2 |
| IE8 - Popups nach install von "Keygen.Exterminate.It!.1.68.02.03.45057.exe" 3. Ergebnisse Randoms System Information Tool - folgen im nächten Eintrag:
__________________- log.txt: Logfile of random's system information tool 1.06 (written by random/random) Run by sie at 2010-02-09 22:11:32 Microsoft Windows XP Professional Service Pack 3 System drive C: has 20 GB (31%) free of 66 GB Total RAM: 3055 MB (78% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:11:39, on 09.02.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Intel\AMT\atchksrv.exe C:\Programme\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\IFXSPMGT.exe C:\WINDOWS\system32\IFXTCS.exe C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe C:\Programme\Intel\AMT\LMS.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programme\Google\Update\1.2.183.13\GoogleCrashHandler.exe C:\Programme\Trend Micro\OfficeScan Client\ntrtscan.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programme\PDF Complete\pdfsvc.exe C:\Programme\ProtectTools\Embedded Security Software\PSDsrvc.EXE C:\WINDOWS\system32\svchost.exe C:\Programme\Trend Micro\OfficeScan Client\tmlisten.exe C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe C:\Programme\Trend Micro\OfficeScan Client\OfcPfwSvc.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\TEMP\RE4068.EXE C:\Programme\HPQ\IAM\bin\asghost.exe C:\WINDOWS\Explorer.EXE C:\Programme\ProtectTools\Embedded Security Software\PSDrt.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\Intel\AMT\atchk.exe C:\Programme\PDF Complete\pdfsty.exe C:\WINDOWS\SMINST\Scheduler.exe C:\Programme\Trend Micro\OfficeScan Client\pccntmon.exe C:\Programme\Mindjet\MindManager 7\MMReminderService.exe C:\Programme\Elaborate Bytes\CloneCD\CloneCDTray.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\ScanSoft\PaperPort\pptd40nt.exe C:\Programme\Brother\ControlCenter3\brccMCtl.exe C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programme\UltraMon\UltraMon.exe C:\Programme\WinZip\WZQKPICK.EXE C:\Programme\UltraMon\UltraMonTaskbar.exe C:\Programme\iPod\bin\iPodService.exe C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Dokumente und Einstellungen\sie\Eigene Dateien\Downloads\RSIT.exe C:\Dokumente und Einstellungen\sie\Lokale Einstellungen\Temp\sie.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Programme\Mindjet\MindManager 7\Mm7InternetExplorer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programme\realplayer-11.de\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programme\HPQ\IAM\Bin\ItIeAddIN.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [PTHOSTTR] C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start O4 - HKLM\..\Run: [atchk] "C:\Programme\Intel\AMT\atchk.exe" O4 - HKLM\..\Run: [PDF Complete] "C:\Programme\PDF Complete\pdfsty.exe" O4 - HKLM\..\Run: [SDMSSplash] "C:\Programme\HP_SDMS\SDMSSplash\launcher.exe" "launchdir=C:\Programme\HP_SDMS\SDMSSplash" O4 - HKLM\..\Run: [SetRefresh] C:\Programme\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programme\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [MMReminderService] C:\Programme\Mindjet\MindManager 7\MMReminderService.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Programme\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\Elaborate Bytes\CloneCD\CloneCDTray.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] "C:\Programme\ScanSoft\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [IndexSearch] "C:\Programme\ScanSoft\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PPort11reminder] "C:\Programme\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini O4 - HKLM\..\Run: [BrMfcWnd] C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Free Download Manager] "C:\Programme\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: AutoCAD-Startbeschleuniger.lnk = C:\Programme\Gemeinsame Dateien\Autodesk Shared\acstart17.exe O4 - Global Startup: UltraMon.lnk = C:\Programme\UltraMon\UltraMon.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlall.htm O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlselected.htm O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Programme\Free Download Manager\dllink.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlfvideo.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: An Mindjet MindManager senden - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Programme\Mindjet\MindManager 7\Mm7InternetExplorer.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O15 - Trusted Zone: http://*.adobe.com O15 - Trusted IP range: http://127.0.0.1 O16 - DPF: {0DF86CB3-1923-11D5-B470-0050BA1B3C6F} (JpegServerPushControl Class) - http://cam-bcb.gendorf.net/ConvisionVideo.cab O16 - DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} (VatCtrl Class) - http://100.100.100.115/VatDec.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} (RtspVaPgCtrl Class) - http://100.100.100.111/RtspVaPgDec.cab O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} (RtspVaPgCtrlNew Class) - http://100.100.100.114/RtspVaPgDec.cab O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - https://support.dell.com/systemprofiler/SysProExe.CAB O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194871954156 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD39/JSCDL/jdk/6u5b/jinstall-6u5-windows-i586-jc.cab?AuthParam=1205846360_52f1241c9e99fbc38bff4952f13dba87&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD39/JSCDL/jdk/6u5b/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) - http://www.o2c.de/download/o2cplayer.cab O16 - DPF: {BE30D547-EE96-4D6B-B9A3-57777E9F0A9C} (ActiveFormX Element) - http://127.0.0.1/gybcnquq/activex/common/bin/go1984Viewer.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://100.100.100.111/activex/AMC.cab O16 - DPF: {F0C46420-B50B-4BA1-ADBE-C1ECF47E0916} (XViewer Control) - http://213.23.199.170:86/XViewer.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = gsh.local O17 - HKLM\Software\..\Telephony: DomainName = gsh.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = gsh.local O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = gsh.local O20 - Winlogon Notify: OneCard - C:\Programme\HPQ\IAM\Bin\AsWlnPkg.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Intel(R) AMT System Status Service (atchksrv) - Intel Corporation - C:\Programme\Intel\AMT\atchksrv.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Programme\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Intel(R) Active Management Technology LMS Service (LMS) - Intel - C:\Programme\Intel\AMT\LMS.exe O23 - Service: Trend Micro Client/Server Security Agent Echtzeitsuche (ntrtscan) - Trend Micro Inc. - C:\Programme\Trend Micro\OfficeScan Client\ntrtscan.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Programme\Trend Micro\OfficeScan Client\OfcPfwSvc.exe O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Programme\PDF Complete\pdfsvc.exe O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Programme\ProtectTools\Embedded Security Software\PSDsrvc.EXE O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Programme\Trend Micro\OfficeScan Client\tmlisten.exe -- End of file - 17361 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\User_Feed_Synchronization-{C58D0CB4-3FE0-42E0-A0DB-82E2D618E7CE}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}] ContributeBHO Class - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07A11D74-9D25-4fea-A833-8B0D76A5577A}] CmjBrowserHelperObject Object - C:\Programme\Mindjet\MindManager 7\Mm7InternetExplorer.dll [2007-05-18 71184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - c:\programme\realplayer-11.de\rpbrowserrecordplugin.dll [2009-09-21 329312] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-01 279664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21 349640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-01 812528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Programme\Free Download Manager\iefdm2.dll [2007-11-26 94208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}] HP Credential Manager for ProtectTools - C:\Programme\HPQ\IAM\Bin\ItIeAddIN.dll [2005-03-03 50688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] SmartSelect Class - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21 349640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21 349640] {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-01 279664] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-04 16250880] "PTHOSTTR"=C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2006-06-08 131072] "atchk"=C:\Programme\Intel\AMT\atchk.exe [2007-01-10 404288] "PDF Complete"=C:\Programme\PDF Complete\pdfsty.exe [2007-08-07 331288] "SDMSSplash"=C:\Programme\HP_SDMS\SDMSSplash\launcher.exe [2006-03-10 86016] "SetRefresh"=C:\Programme\Compaq\SetRefresh\SetRefresh.exe [2003-11-20 525824] "CognizanceTS"=C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll [2003-12-22 17920] "Recguard"=C:\WINDOWS\Sminst\Recguard.exe [2006-05-12 1138688] "Reminder"=C:\WINDOWS\Creator\Remind_XP.exe [2006-03-31 761856] "Scheduler"=C:\WINDOWS\SMINST\Scheduler.exe [2006-04-24 888832] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-05-27 7577600] "Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792] "OfficeScanNT Monitor"=C:\Programme\Trend Micro\OfficeScan Client\pccntmon.exe [2007-04-27 399048] "MMReminderService"=C:\Programme\Mindjet\MindManager 7\MMReminderService.exe [2007-05-18 37392] "NeroFilterCheck"=C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [2006-01-12 155648] "CloneCDElbyCDFL"=C:\Programme\Elaborate Bytes\CloneCD\ElbyCheck.exe [2002-11-02 45056] "CloneCDTray"=C:\Programme\Elaborate Bytes\CloneCD\CloneCDTray.exe [2002-12-02 73728] "nwiz"=nwiz.exe /install [] "SSBkgdUpdate"=C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] "PaperPort PTD"=C:\Programme\ScanSoft\PaperPort\pptd40nt.exe [2007-01-29 30248] "IndexSearch"=C:\Programme\ScanSoft\PaperPort\IndexSearch.exe [2007-01-29 46632] "PPort11reminder"=C:\Programme\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-02-01 255528] "BrMfcWnd"=C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-05 630784] "ControlCenter3"=C:\Programme\Brother\ControlCenter3\brctrcen.exe [2006-11-07 65536] "AppleSyncNotifier"=C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440] "AdobeCS4ServiceManager"=C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-03-11 611712] "Adobe Acrobat Speed Launcher"=C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2009-12-22 38840] ""= [] "Acrobat Assistant 8.0"=C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2009-12-21 640440] "Adobe_ID0ENQBO"=C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224] "TkBellExe"=C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2009-09-21 198160] "Adobe ARM"=C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672] "QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2009-11-10 417792] "iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe [2010-01-22 141608] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "Free Download Manager"=C:\Programme\Free Download Manager\fdm.exe [2008-02-25 2465839] "swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-16 39408] "AdobeBridge"= [] C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart AutoCAD-Startbeschleuniger.lnk - C:\Programme\Gemeinsame Dateien\Autodesk Shared\acstart17.exe UltraMon.lnk - C:\Programme\UltraMon\UltraMon.exe WinZip Quick Pick.lnk - C:\Programme\WinZip\WZQKPICK.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IfxWlxEN] C:\WINDOWS\system32\IfxWlxEN.dll [2006-04-07 434176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] igfxdev.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard] C:\Programme\HPQ\IAM\Bin\AsWlnPkg.dll [2006-06-07 40448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli AsWlnPkg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoWelcomeScreen"= "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\WINDOWS\SMINST\Scheduler.exe"="C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler " "C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\Winpopup LAN Messenger\WinPopup.exe"="C:\Programme\Winpopup LAN Messenger\WinPopup.exe:*:Enabled:Winpopup LAN Messenger" "C:\WINDOWS\system32\mstsc.exe"="C:\WINDOWS\system32\mstsc.exe:*:Enabled:Remote Desktop Connection" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\go1984\go1984.exe"="C:\Programme\go1984\go1984.exe:*:Enabled:go1984" "C:\Programme\Winpopup LAN Messenger\WinPopup.exe"="C:\Programme\Winpopup LAN Messenger\WinPopup.exe:LocalSubNet:Enabled:Winpopup LAN Messenger" "C:\WINDOWS\system32\mstsc.exe"="C:\WINDOWS\system32\mstsc.exe:*:Enabled:Remote Desktop Connection" "C:\Dokumente und Einstellungen\sie\Desktop\KIT-Support2005.exe"="C:\Dokumente und Einstellungen\sie\Desktop\KIT-Support2005.exe:*:Enabledcvisit 2005 gast" "C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "C:\Dokumente und Einstellungen\hb\Desktop\KIT-Support2005.exe"="C:\Dokumente und Einstellungen\hb\Desktop\KIT-Support2005.exe:*isabledcvisit 2005 gast" "\\Gsh-s01\Daten\MACAURUM\Soft\CMS\TYPO3\TYPO3Winstaller\Apache\bin\apache.exe"="\\Gsh-s01\Daten\MACAURUM\Soft\CMS\TYPO3\TYPO3Winstaller\Apache\bin\apache.exe:*:Enabled:Apache HTTP Server" "C:\Programme\Macromedia\Dreamweaver MX\Dreamweaver.exe"="C:\Programme\Macromedia\Dreamweaver MX\Dreamweaver.exe:*:Enabledreamweaver MX" "C:\Programme\TYPO3_4.1.5\Apache\bin\Apache.exe"="C:\Programme\TYPO3_4.1.5\Apache\bin\Apache.exe:*:Enabled:Apache HTTP Server" "C:\Programme\Macromedia\Flash MX\Flash.exe"="C:\Programme\Macromedia\Flash MX\Flash.exe:*:Enabled:Flash 6.0 r25" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer" "C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4" "C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe"="C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server" "C:\Programme\eMule\emule.exe"="C:\Programme\eMule\emule.exe:*:Enabled:eMule" "C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ce0cc8b-bc7a-11dd-b33a-000ffe795686}] shell\AutoRun\command - J:\starter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8cbbe8fe-91ec-11dc-b250-000ffe795686}] shell\AutoRun\command - I:\PortableRoboForm.exe shell\RoboForm2Go\command - I:\PortableRoboForm.exe ======File associations====== .js - open - "C:\Programme\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1" .scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2010-02-09 22:11:32 ----D---- C:\rsit 2010-02-09 20:20:37 ----D---- C:\Dokumente und Einstellungen\sie\Anwendungsdaten\Malwarebytes 2010-02-09 20:20:31 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2010-02-09 20:20:30 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2010-02-09 18:47:11 ----D---- C:\Programme\CCleaner 2010-02-09 15:21:48 ----D---- C:\Programme\Exterminate It! 2010-02-04 18:57:20 ----D---- C:\WINDOWS\system32\Dell 2010-02-04 18:57:20 ----D---- C:\Programme\Dell 2010-02-03 21:29:40 ----D---- C:\Programme\KC Softwares 2010-02-03 21:01:14 ----D---- C:\Programme\MediaInfo 2010-02-02 19:29:18 ----D---- C:\Dokumente und Einstellungen\sie\Anwendungsdaten\vlc 2010-02-02 17:14:41 ----D---- C:\Programme\iPod 2010-02-02 17:14:31 ----D---- C:\Programme\iTunes 2010-02-02 17:10:22 ----D---- C:\Programme\QuickTime 2010-01-28 21:50:48 ----RA---- C:\WINDOWS\system32\ShExt.dll 2010-01-28 21:50:39 ----D---- C:\Programme\Vivaldi Plus Via Web (German Version) 2010-01-27 20:36:53 ----D---- C:\Dokumente und Einstellungen\sie\Anwendungsdaten\MAGIX 2010-01-27 20:35:53 ----A---- C:\WINDOWS\system32\wmv8dmod.dll 2010-01-27 20:35:53 ----A---- C:\WINDOWS\system32\mpg4c32.dll 2010-01-27 20:34:49 ----A---- C:\WINDOWS\system32\msxml4a.dll 2010-01-27 20:34:48 ----A---- C:\WINDOWS\system32\TTIC32.dll 2010-01-27 20:34:48 ----A---- C:\WINDOWS\system32\TTI32.dll 2010-01-27 20:34:48 ----A---- C:\WINDOWS\system32\STRING32.dll 2010-01-27 20:34:48 ----A---- C:\WINDOWS\system32\MXRestore.exe 2010-01-27 20:34:48 ----A---- C:\WINDOWS\system32\mgxcdr.txt 2010-01-27 20:34:48 ----A---- C:\WINDOWS\system32\mgxasio2.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLTPO32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLRES32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLRD32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLPTL32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLPRJ32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLPRF32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLPNT32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLMSC32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLIX.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLISO32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLIO32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLIMG32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLDRV32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLDIR32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLDEV32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLCPY32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLCDF32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLCDA32.dll 2010-01-27 20:34:47 ----A---- C:\WINDOWS\system32\DLLAV32.dll 2010-01-27 20:34:25 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX 2010-01-27 20:33:49 ----D---- C:\Programme\MAGIX 2010-01-27 20:33:49 ----A---- C:\WINDOWS\system32\DLLDEV32i.dll 2010-01-27 20:33:12 ----D---- C:\WINDOWS\system32\MAGIX 2010-01-27 20:33:12 ----A---- C:\WINDOWS\system32\mgxoschk.dll 2010-01-27 20:33:12 ----A---- C:\WINDOWS\mgxoschk.ini 2010-01-14 14:57:45 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-01-14 14:56:56 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ ======List of files/folders modified in the last 1 months====== 2010-02-09 22:08:18 ----D---- C:\Dokumente und Einstellungen\sie\Anwendungsdaten\Free Download Manager 2010-02-09 22:07:07 ----D---- C:\WINDOWS\Prefetch 2010-02-09 22:07:01 ----D---- C:\WINDOWS\SMINST 2010-02-09 22:06:53 ----D---- C:\WINDOWS\Temp 2010-02-09 22:05:59 ----D---- C:\WINDOWS 2010-02-09 22:05:47 ----SD---- C:\WINDOWS\Tasks 2010-02-09 22:05:37 ----A---- C:\WINDOWS\system32\log.txt 2010-02-09 22:05:19 ----D---- C:\WINDOWS\system32\drivers 2010-02-09 22:05:19 ----D---- C:\WINDOWS\Debug 2010-02-09 22:04:33 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-02-09 21:59:31 ----D---- C:\Programme\Mozilla Firefox 2010-02-09 21:56:03 ----HD---- C:\WINDOWS\inf 2010-02-09 21:56:03 ----D---- C:\WINDOWS\system32 2010-02-09 20:20:30 ----RD---- C:\Programme 2010-02-09 20:04:18 ----A---- C:\WINDOWS\BRWMARK.INI 2010-02-09 19:31:18 ----A---- C:\WINDOWS\cfgall.ini 2010-02-09 18:33:08 ----D---- C:\Dokumente und Einstellungen\sie\Anwendungsdaten\eMule 2010-02-09 15:28:13 ----D---- C:\WINDOWS\system32\CatRoot2 2010-02-09 13:27:13 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google Updater 2010-02-09 11:35:02 ----D---- C:\WINDOWS\security 2010-02-08 12:05:21 ----D---- C:\Config.Msi 2010-02-05 16:38:41 ----HD---- C:\Programme\InstallShield Installation Information 2010-02-05 16:38:41 ----D---- C:\Programme\Intel 2010-02-04 19:25:01 ----A---- C:\WINDOWS\PhotoSnapViewer.INI 2010-02-04 18:57:24 ----A---- C:\WINDOWS\hpbafd.ini 2010-02-04 18:57:20 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-02-03 22:31:23 ----A---- C:\WINDOWS\NeroDigital.ini 2010-02-03 20:39:53 ----D---- C:\Downloads 2010-02-02 17:16:23 ----SHD---- C:\WINDOWS\Installer 2010-02-02 17:14:35 ----D---- C:\Programme\Gemeinsame Dateien\Apple 2010-01-29 14:59:44 ----D---- C:\Programme\Google 2010-01-28 21:50:43 ----RSD---- C:\WINDOWS\Fonts 2010-01-26 14:56:16 ----D---- C:\Dokumente und Einstellungen\sie\Anwendungsdaten\Adobe 2010-01-22 03:01:02 ----RSHD---- C:\WINDOWS\system32\dllcache 2010-01-22 03:01:01 ----D---- C:\Programme\Internet Explorer 2010-01-22 03:00:26 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-21 15:46:42 ----D---- C:\Programme\Gemeinsame Dateien\Adobe AIR 2010-01-14 16:01:26 ----D---- C:\WINDOWS\AppPatch 2010-01-13 19:47:29 ----D---- C:\Dokumente und Einstellungen\sie\Anwendungsdaten\Apple Computer ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2006-04-07 31104] R1 WmiAcpi;Microsoft Windows-Verwaltungsschnittstelle für ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2009-07-15 73312] R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244] R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2002-11-29 16320] R2 TM_CFW;Common Firewall Driver; \??\C:\Programme\Trend Micro\OfficeScan Client\tm_cfw.sys [] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R2 TmFilter;Trend Micro Filter; \??\C:\Programme\Trend Micro\OfficeScan Client\TmXPFlt.sys [] R2 TmPreFilter;Trend Micro PreFilter; \??\C:\Programme\Trend Micro\OfficeScan Client\TmPreFlt.sys [] R2 UltraMonUtility;UltraMon Utility Driver; \??\C:\Programme\UltraMon\UltraMonUtility.sys [] R2 VSApiNt;Trend Micro VSAPI NT; \??\C:\Programme\Trend Micro\OfficeScan Client\VSApiNt.sys [] R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-07-19 230400] R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2002-11-28 15360] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-12-06 44416] R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2006-04-25 36608] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-04 4306944] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-05-27 3672672] R3 StillCam;Treiber für serielle Digitalkamera; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-18 7040] R3 UltraMonMirror;UltraMonMirror; C:\WINDOWS\system32\DRIVERS\UltraMonMirror.sys [2003-10-14 3072] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S1 P3;Intel PentiumIII-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-14 46848] S3 ac97intc;Intel(r) 82801 Audiotreiber-Installationsdienst (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256] S3 E100B;Intel(R) PRO-Adaptertreiber; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760] S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-03 161020] S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-03 12415] S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-03 12127] S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-03 11775] S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-03 12063] S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-03 19455] S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-03 11807] S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-03 11295] S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-03 11871] S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-03 29311] S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-03 19551] S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-03 33599] S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-03 23615] S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-03 25471] S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-03 22271] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [] S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys [] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2002-05-08 105472] S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504] S4 Symmpi;Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2002-04-04 28416] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712] R2 ASChannel;Lokaler Verbindungskanal; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 atchksrv;Intel(R) AMT System Status Service; C:\Programme\Intel\AMT\atchksrv.exe [2007-01-10 183112] R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 hpqwmiex;hpqwmiex; C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168] R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\IFXSPMGT.exe [2006-04-24 516096] R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\IFXTCS.exe [2006-04-07 745472] R2 IviRegMgr;IviRegMgr; C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 LMS;Intel(R) Active Management Technology LMS Service; C:\Programme\Intel\AMT\LMS.exe [2006-12-06 98304] R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 ntrtscan;Trend Micro Client/Server Security Agent Echtzeitsuche; C:\Programme\Trend Micro\OfficeScan Client\ntrtscan.exe [2007-04-27 603856] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-05-27 143426] R2 OfcPfwSvc;Trend Micro Client/Server Security Agent Personal Firewall; C:\Programme\Trend Micro\OfficeScan Client\OfcPfwSvc.exe [2007-04-27 282704] R2 pdfcDispatcher;PDF Document Manager; C:\Programme\PDF Complete\pdfsvc.exe [2007-08-07 540184] R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Programme\ProtectTools\Embedded Security Software\PSDsrvc.EXE [2006-04-07 94208] R2 tmlisten;Trend Micro Client/Server Security Agent Listener; C:\Programme\Trend Micro\OfficeScan Client\tmlisten.exe [2007-04-27 685776] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-05 655624] R3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2010-01-22 545576] S2 gupdate;Google Update Service (gupdate); C:\Programme\Google\Update\GoogleUpdate.exe [2010-01-06 135664] S2 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-27 183280] S3 Adobe LM Service;Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-13 72704] S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-07-15 288112] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe [2007-11-13 77944] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Programme\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PCA;PC Angel; C:\WINDOWS\SMINST\PCAngel.exe [2006-06-13 364544] S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576] S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 SQLWriter;SQL Server VSS Writer; c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968] -----------------EOF----------------- |
09.02.2010, 22:28 | #3 |
| IE8 - Popups nach install von "Keygen.Exterminate.It!.1.68.02.03.45057.exe" info.txt:
__________________info.txt logfile of random's system information tool 1.06 2010-02-09 22:11:42 ======Uninstall list====== -->C:\Programme\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly -->C:\Programme\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095} -->MsiExec.exe /I{84A3E3C0-DD04-4309-ACFC-F7FC2C7D31FC} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf ABBYY PDF Transformer 2.0-->MsiExec.exe /I{FA200000-0001-0000-0000-074957833700} ACDSee 7.0 PowerPack-->MsiExec.exe /I{7242785F-6E89-48C1-A29B-E589FCE30CD4} Acrobat.com-->msiexec /qb /x {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B} Acrobat.com-->MsiExec.exe /I{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B} Adobe Acrobat 9 Pro - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7760-000000000004} Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF} Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E} Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8} Adobe AIR-->c:\Programme\Gemeinsame Dateien\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8} Adobe Asset Services CS4-->MsiExec.exe /I{B9F4561A-924D-4510-A85A-BB0960C338CB} Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103} Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0} Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191} Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02} Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1} Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F} Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A} Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500} Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D} Adobe Contribute CS4-->MsiExec.exe /I{A6EC82A0-1414-475D-8AFD-469089F3080D} Adobe Creative Suite 4 Master Collection-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02\Setup.exe --uninstall=1 Adobe Creative Suite 4 Master Collection-->MsiExec.exe /I{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C} Adobe CS4 American English Speech Analysis Models-->MsiExec.exe /I{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8} Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF} Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683} Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A} Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678} Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C} Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D} Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9} Adobe Encore CS4-->MsiExec.exe /I{5EAD5443-7194-46CC-A055-428E6ABB1BAF} Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5} Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972} Adobe Fireworks CS4-->MsiExec.exe /I{428FDF9F-E010-4C4C-A8BB-156960AFCA1C} Adobe Flash CS4 Extension - Flash Lite STI others-->MsiExec.exe /I{47C6F987-685A-41AE-B092-E75B277AEE39} Adobe Flash CS4 STI-other-->MsiExec.exe /I{BD3374D3-C2E6-42B7-A80B-E850B6886246} Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794} Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807} Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{2BAF2B96-7560-48B4-87D4-10178DDBE217} Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C} Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1} Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA} Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67} Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4} Adobe Media Encoder CS4 Dolby-->MsiExec.exe /I{EE353798-E875-42E0-B58D-7E6696182EA8} Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC} Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD} Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E} Adobe Media Player-->MsiExec.exe /X{95264530-5A22-8E7E-FE9D-D63A927BCAEA} Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15} Adobe OnLocation CS4-->MsiExec.exe /I{7406DF60-016D-476B-A2C7-55D997592047} Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A} Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353} Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD} Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494} Adobe Premiere Pro CS4 Functional Content-->MsiExec.exe /I{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7} Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{C938BE91-3BB5-4B84-9EF6-88F0505D0038} Adobe Premiere Pro CS4-->MsiExec.exe /I{D499F8DE-3F31-4900-9157-61061613704B} Adobe Reader 8.1.1 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81000000003} Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA} Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7} Adobe Setup-->MsiExec.exe /I{E8EE9410-8AC4-4F43-A626-DDECA75C79F3} Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B} Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe" Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8} Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D} Adobe Soundbooth CS4-->MsiExec.exe /I{14F70205-1940-4000-88C7-BE799A6B2CAD} Adobe Stock Photos 1.0-->MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A} Adobe SVG Viewer 3.0-->C:\Programme\Gemeinsame Dateien\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Programme\Gemeinsame Dateien\Adobe\SVG Viewer 3.0\Uninstall\Install.log Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230} Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755} Adobe Version Cue CS4 Server-->MsiExec.exe /I{1B7C06E1-4888-47A6-992A-0990B9683486} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF} Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739} AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4} AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4} Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143} Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} AutoCAD 2007 - Deutsch-->MsiExec.exe /I{5783F2D7-5001-0407-0002-0060B0CE6BBA} Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove /q0 AXIS Media Control Embedded-->C:\Programme\Axis Communications\AXIS Media Control Embedded\setup.exe setup.rem remove Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Brother MFL-Pro Suite-->"C:\Programme\InstallShield Installation Information\{C83FB11D-9EC6-49D7-99A7-DDDB2264883C}\Setup.exe" -runfromtemp -l0x0007 Brunin03.dll -removeonly CCleaner-->"C:\Programme\CCleaner\uninst.exe" CloneCD-->"C:\Programme\Elaborate Bytes\CloneCD\ccd-uninst.exe" /D="C:\Programme\Elaborate Bytes\CloneCD" Compatibility Pack für 2007 Office System-->MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE} Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D} Corel Graphics Suite 11-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015} DHL Paketmarken Ausfüllhilfe 2.3-->C:\WINDOWS\unvise32.exe C:\Programme\DHL Paketmarken Ausfüllhilfe 2.3\uninstal.log Exterminate It!-->C:\Programme\Exterminate It!\ExterminateIt_Uninst.exe Firebird SQL Server - MAGIX Edition-->C:\Programme\MAGIX\Common\Database\unwise.exe Free Download Manager 2.5-->"C:\Programme\Free Download Manager\unins000.exe" go1984 Desktop Client, Version 3.8.0.2-->"C:\Programme\go1984 Desktop Client\unins000.exe" Google Earth-->MsiExec.exe /X{2EAF7E61-068E-11DF-953C-005056806466} Google Toolbar for Internet Explorer-->"C:\Programme\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Updater-->"C:\Programme\Google\Google Updater\GoogleUpdater.exe" -uninstall HijackThis 2.0.2-->"C:\Dokumente und Einstellungen\sie\Lokale Einstellungen\Temp\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix für Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Hotfix für Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Hotfix für Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" HP Backup and Recovery Manager-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}\setup.exe" -l0x7 -uninst -removeonly HP BIOS Configuration for ProtectTools 2.00 J2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{AE052EF7-2640-48D7-8915-69B810D975CB}\Setup.Exe" -l0x7 biosuninst HP Credential Manager for ProtectTools-->MsiExec.exe /X{D173E50C-D87F-40A1-BFB2-FFEA51F92CB1} HP Embedded Security for ProtectTools-->MsiExec.exe /I{2BB2B8D4-5753-45C8-8073-765AFAF053BC} HP Help and Support-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\SETUP.exe" -l0x7 -removeonly HP ProtectTools Security Manager 2.00 D3-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}\SETUP.exe" -l0x7 -removeonly hpquninst Intel(R) Active Management Technology LMS Service and SOL Driver-->C:\WINDOWS\system32\mesoludlg.exe -uninstall Intel(R) Management Engine Interface-->C:\WINDOWS\system32\heciudlg.exe -uninstall Intel(R) PRO Network Connections-->MsiExec.exe /I{111A3D14-7596-43B0-92BA-418435C90672} InterVideo WinDVD-->"C:\Programme\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL iTunes-->MsiExec.exe /I{F439D7AF-03F3-4F8E-AEC4-571BFE977C61} Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} KC Softwares VideoInspector-->"C:\Programme\KC Softwares\VideoInspector\unins000.exe" kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243} LiveReg (Symantec Corporation)-->C:\Programme\Gemeinsame Dateien\Symantec Shared\LiveReg\VcSetup.exe /REMOVE Macromedia Dreamweaver MX-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{8B4AB829-DFD3-436D-B808-D9733D76C590}\Setup.exe" -l0x7 mmUninstall Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x7 mmUninstall Macromedia Flash MX-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}\Setup.exe" -l0x7 UNINSTALL MAGIX Music Maker for MySpace 15.0.1.8 (D)-->C:\Programme\MAGIX\MusicMaker15_for_MySpace\unwise.exe Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe" MediaInfo 0.7.27-->C:\Programme\MediaInfo\uninst.exe Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C314CE45-3392-3B73-B4E1-139CD41CA933} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 German Language Pack-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 German Language Pack\setup.exe Microsoft .NET Framework 3.0 German Language Pack-->MsiExec.exe /X{F2A7F421-1679-48D5-B918-96999014ED53} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A40407-6000-11D3-8CFE-0150048383C9} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91110407-6000-11D3-8CFE-0150048383C9} Microsoft SQL Server Native Client-->MsiExec.exe /I{1D1D8ADC-BF08-4E61-9393-5FA305B16864} Microsoft SQL Server VSS Writer-->MsiExec.exe /I{5C759B74-34F4-43C6-A5D9-039CB754C5E9} Mindjet MindManager Pro 7-->MsiExec.exe /I{3CDFEE23-66D2-4DB0-8269-12634E871725} MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8} Mozilla Firefox (3.5.7)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{C4A230B7-518F-4224-A5A3-27F06CC57111} MySQL Connector/ODBC 3.51-->MsiExec.exe /I{88164D59-4FFD-4874-93BC-5E001A7938F3} Nero 7 Premium-->MsiExec.exe /I{70AB1576-7883-2313-C650-7A71270B1031} Nero BurnRights-->C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI O&O DiskRecovery-->MsiExec.exe /X{53480070-8E5F-4678-B8E0-2525A719DD39} O&O SafeErase-->MsiExec.exe /I{53480280-DE8B-445F-9676-FAE6293E06E5} PaperPort Image Printer-->MsiExec.exe /X{332CC6BF-E6C7-48EE-BA3D-435E576AD67F} PDF Complete-->C:\Programme\PDF Complete\pdfiutil.exe /UGUI PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9} PDF-XChange 3.0-->"C:\Programme\Mindjet\MindManager 7\PDF-XChange\unins000.exe" Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8} Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9} QuarkXPress 7.0-->MsiExec.exe /I{A38048C6-89D1-44EC-BC95-E95DD4A19B5E} QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2} RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x7 -removeonly Safari-->MsiExec.exe /I{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90} ScanSoft PaperPort 11-->MsiExec.exe /I{B6C89654-A6A2-477C-873B-724EC1C56407} SDMSSplash-->MsiExec.exe /X{4B92A11C-F48F-430A-AB8D-3F7CA80669CD} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434} Total Commander (Remove or Repair)-->C:\Programme\TotalCommander\totalcmd\tcuninst.exe Trend Micro Client/Server Security Agent-->"C:\Programme\Trend Micro\OfficeScan Client\ntrmv.exe" TYPO3Winstaller - TYPO3 4.1.5-->C:\Programme\TYPO3_4.1.5\Uninstall.exe UltraMon-->MsiExec.exe /I{A3F43B68-254E-4D88-A577-334F458D7702} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update für Windows Internet Explorer 8 (KB969497)-->"C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe" Update für Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe" Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update für Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update für Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update für Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update für Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Vivaldi Plus Via Web (German Version)-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7477335F-48F4-4CA2-88A0-F51E050E065A}\Setup.exe" -l0x7 VLC media player 1.0.5-->C:\Programme\VideoLAN\VLC\uninstall.exe Wichtiges Update für Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall Windows Presentation Foundation Language Pack (DEU)-->MsiExec.exe /X{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790} Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Winpopup LAN Messenger 4.8-->"C:\Programme\Winpopup LAN Messenger\unins000.exe" WinRAR-->C:\Programme\WinRAR 3.90\uninstall.exe WinZip-->"C:\Programme\WinZip\WINZIP32.EXE" /uninstall YOU DON'T KNOW JACK®-->C:\PROGRA~1\YDKJ\Uninst.exe ======Hosts File====== 127.0.0.1 activate.adobe.com ======Security center information====== AV: Trend Micro Client/Server Security Agent Virenschutz FW: Trend Micro Client-Server Security Agent Firewall (disabled) ======System event log====== Computer Name: XP7700 Event Code: 7036 Message: Dienst "Windows-Bilderfassung (WIA)" befindet sich jetzt im Status "Ausgeführt". Record Number: 35965 Source Name: Service Control Manager Time Written: 20091120032726.000000+060 Event Type: Informationen User: Computer Name: XP7700 Event Code: 7036 Message: Dienst "Windows-Bilderfassung (WIA)" befindet sich jetzt im Status "Ausgeführt". Record Number: 35964 Source Name: Service Control Manager Time Written: 20091120032517.000000+060 Event Type: Informationen User: Computer Name: XP7700 Event Code: 7036 Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Beendet". Record Number: 35963 Source Name: Service Control Manager Time Written: 20091120032322.000000+060 Event Type: Informationen User: Computer Name: XP7700 Event Code: 7036 Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Ausgeführt". Record Number: 35962 Source Name: Service Control Manager Time Written: 20091120032311.000000+060 Event Type: Informationen User: Computer Name: XP7700 Event Code: 7035 Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "IMAPI-CD-Brenn-COM-Dienste" gesendet. Record Number: 35961 Source Name: Service Control Manager Time Written: 20091120032311.000000+060 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM =====Application event log===== Computer Name: XP7700 Event Code: 1704 Message: Die Sicherheitsrichtlinie in den Gruppenrichtlinienobjekten wurde erfolgreich angewendet. Record Number: 5644 Source Name: SceCli Time Written: 20090211103401.000000+060 Event Type: Informationen User: Computer Name: XP7700 Event Code: 1800 Message: Der Windows-Sicherheitscenterdienst wurde gestartet. Record Number: 5643 Source Name: SecurityCenter Time Written: 20090211103347.000000+060 Event Type: Informationen User: Computer Name: XP7700 Event Code: 0 Message: Record Number: 5642 Source Name: pdfcDispatcher Time Written: 20090211103345.000000+060 Event Type: Informationen User: Computer Name: XP7700 Event Code: 1 Message: Record Number: 5641 Source Name: Bonjour Service Time Written: 20090211103344.000000+060 Event Type: Informationen User: Computer Name: XP7700 Event Code: 0 Message: LMS Service connected to HECI driver Record Number: 5640 Source Name: LMS Time Written: 20090211103344.000000+060 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Intel\DMIX;C:\Programme\HPQ\IAM\bin;C:\Programme\QuickTime\QTSys tem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel "PROCESSOR_REVISION"=0f02 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Programme\Java\jre1.6.0_05\lib\ext\QTJava.zip "QTJAVA"=C:\Programme\Java\jre1.6.0_05\lib\ext\QTJava.zip -----------------EOF----------------- Freue mich auf Euer Feedack! LG S. |
11.02.2010, 14:53 | #4 | ||
/// Helfer-Team | IE8 - Popups nach install von "Keygen.Exterminate.It!.1.68.02.03.45057.exe" Dann ziehe ich mir mal mit einem gewissen Grinsen den Schuh an, dir mitzuteilen, dass es für die Benutzung von Keygens und Cracks sowie die daraus herrührenden Folgen hier keinen Support gibt, wie es übrigens im seriösen Teil des Internets überall ist. Entweder Du fummelst es dir so zurecht oder Du formatierst und installierst neu. In diesem Fall halte ich das hier für gefährlich: Zitat:
Zitat:
|
Themen zu IE8 - Popups nach install von "Keygen.Exterminate.It!.1.68.02.03.45057.exe" |
.dll, anleitung, anti-malware, ccleaner, dateien, einstellungen, explorer, exterminate, fehler, install, logfiles, malware.trace, malwarebytes, microsoft, msa.exe, nicht mehr, pdf, popups, prüfen, registrierungsschlüssel, relevant knowledge, rogue.multiple, schnell, sicherheit, sshnas21.dll, system, system32, tool, trojan.agent, trojan.downloader, trojan.fakealert, version, {66ba574b-1e11-49b8-909c-8cc9e0e8e015}.job |