| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows Update und Windows Gadgets durch Virus blockiertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.09.2010, 11:16
| #1 |
 |  Windows Update und Windows Gadgets durch Virus blockiert Hallo zusammen, es ist zwar Sonntag, aber ich muss euch leider mit meinen "wehwehchen" nerven. Ich hatte gestern einen Fraud.sysguard infekt, den ich durch Malewarebythes, Spybot und Antivir gelöscht habe (hoffe ich zmd). Smitfraudfix und cc cleaner sind auch schon drüber gelaufen. Seitdiesem Infekt funktioniert mein Radiogadget bei den Windwos-Minianwendungen nicht mehr, Windows Update zeigt mit eine tolle Fehlermeldung und Antivir sowie auch andere automatische Updatesachen haben keine Verbindung zum Internet. Weiß jemand woran das liegt ? Habe das gefühl, dass sich da nochmehr eingenistet hat, allerdings finden meine Programme nichts mehr. Bitte um Hilfe =) in diesem Sinne : schönes wochenende >windows 7 32-bit home premium __________________________________ HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:54:48, on 12.09.2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe D:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe C:\Windows\System32\Ctxfihlp.exe D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe D:\Programme\RocketDock\RocketDock.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Programme\Logitech\SetPoint\SetPoint.exe F:\Logitech\G15\NM Monitor\nmmonitor.exe D:\Programme\RivaTuner\RivaTuner.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GPUMonitor.exe C:\Windows\SYSTEM32\CTXFISPI.EXE D:\Programme\Mozilla Firefox\firefox.exe D:\Programme\Mozilla Firefox\plugin-container.exe C:\Windows\system32\SearchFilterHost.exe F:\Spybot\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6092 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Programme\Real\rpbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll O4 - HKLM\..\Run: [avgnt] "D:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [RivaTuner] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /T O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /S O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\MP3SurroundDecode.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\MP3SurroundDecode.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer O4 - HKCU\..\Run: [RocketDock] "D:\Programme\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user') O4 - Startup: nmmonitor.exe - Verknüpfung.lnk = F:\Logitech\G15\NM Monitor\nmmonitor.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Marko\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Programme\Hamachi\hamachi-2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: MBAMService - Malwarebytes Corporation - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- End of file - 14787 bytes |
|
13.09.2010, 07:00
| #2 | ||
| /// Helfer-Team    |  Windows Update und Windows Gadgets durch Virus blockiert Hallo und Herzlich Willkommen!
__________________ Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]: Zitat:
Code:
ATTFilter Antivir
Malwarebytes
- Lade dir RSIT - http://filepony.de/download-rsit/: - an einen Ort deiner Wahl und führe die rsit.exe aus - wird "Hijackthis" auch von RSIT installiert und ausgeführt - RSIT erstellt 2 Logfiles (C:\rsit\log.txt und C:\rsit\info.txt) mit erweiterten Infos von deinem System - diese beide bitte komplett hier posten 2. Bitte Versteckte - und Systemdateien sichtbar machen den Link hier anklicken: System-Dateien und -Ordner unter XP und Vista sichtbar machen Am Ende unserer Arbeit, kannst wieder rückgängig machen! 3. → Lade Dir HJTscanlist.zip herunter → entpacke die Datei auf deinem Desktop → Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren → per Doppelklick starten → Wähle dein Betriebsystem aus - Vista → Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen → Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren → Bitte kopiere den Inhalt hier in Deinen Thread. 4. Ich würde gerne noch all deine installierten Programme sehen: Lade dir das Tool "Ccleaner" herunter installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein 5. läuft unter XP, Vista mit (32Bit) und Windows 7 (32Bit) Achtung!: WENN GMER NICHT AUSGEFÜHRT WERDEN KANN ODER PROBMLEME VERURSACHT, fahre mit dem nächsten Punkt fort!- Es ist NICHT sinnvoll einen zweiten Versuch zu starten! Um einen tieferen Einblick in dein System, um eine mögliche Infektion mit einem Rootkit/Info v.wikipedia.org) aufzuspüren, werden wir ein Tool - Gmer - einsetzen :
** keine Verbindung zu einem Netzwerk und Internet - WLAN nicht vergessen Wenn der Scan beendet ist, bitte alle Programme und Tools wieder aktivieren! 6. läuft unter XP, Vista mit (32Bit) und Windows 7 (32Bit) Lade und installiere das Tool RootRepeal herunter
Zitat:
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw grußCoverflow |
|
14.09.2010, 16:12
| #3 |
| | Windows Update und Windows Gadgets durch Virus blockiert Hi,
__________________danke für deine ausführliche Hilfe !! hier die Logfiles etc... Malewarebytes Logfile Code:
ATTFilter Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4613
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
14.09.2010 16:45:30
mbam-log-2010-09-14 (16-45-30).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 151104
Laufzeit: 5 Minute(n), 8 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
|
|
14.09.2010, 16:13
| #4 |
| | Windows Update und Windows Gadgets durch Virus blockiert RSIT info.txt Code:
ATTFilter logfile of random's system information tool 1.08 2010-09-14 16:41:16
======Uninstall list======
-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x7 /remove
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
3DMark06-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly
7-Zip 4.62-->"D:\Programme\7-Zip\Uninstall.exe"
Acrobat.com-->msiexec /qb /x {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
Acrobat.com-->MsiExec.exe /I{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
Adobe Acrobat 9 Pro - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7760-000000000004}
Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}
Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Asset Services CS4-->MsiExec.exe /I{B9F4561A-924D-4510-A85A-BB0960C338CB}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe Contribute CS4-->MsiExec.exe /I{A6EC82A0-1414-475D-8AFD-469089F3080D}
Adobe Creative Suite 4 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02\Setup.exe --uninstall=1
Adobe Creative Suite 4 Master Collection-->MsiExec.exe /I{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}
Adobe CS4 American English Speech Analysis Models-->MsiExec.exe /I{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9}
Adobe Encore CS4-->MsiExec.exe /I{5EAD5443-7194-46CC-A055-428E6ABB1BAF}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Fireworks CS4-->MsiExec.exe /I{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}
Adobe Flash CS4 Extension - Flash Lite STI en-->MsiExec.exe /I{793D1D88-6141-43DE-BE58-59BCE31B4090}
Adobe Flash CS4 STI-en-->MsiExec.exe /I{2168245A-B5AD-40D8-A641-48E3E070B5B6}
Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{2BAF2B96-7560-48B4-87D4-10178DDBE217}
Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}
Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}
Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
Adobe Media Encoder CS4 Dolby-->MsiExec.exe /I{EE353798-E875-42E0-B58D-7E6696182EA8}
Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}
Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
Adobe OnLocation CS4-->MsiExec.exe /I{7406DF60-016D-476B-A2C7-55D997592047}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Premiere Pro CS4 Functional Content-->MsiExec.exe /I{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}
Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{C938BE91-3BB5-4B84-9EF6-88F0505D0038}
Adobe Premiere Pro CS4-->MsiExec.exe /I{D499F8DE-3F31-4900-9157-61061613704B}
Adobe Reader 9 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A90000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}
Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}
Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8}
Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D}
Adobe Soundbooth CS4-->MsiExec.exe /I{14F70205-1940-4000-88C7-BE799A6B2CAD}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe Version Cue CS4 Server-->MsiExec.exe /I{1B7C06E1-4888-47A6-992A-0990B9683486}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}
Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
Apple Mobile Device Support-->MsiExec.exe /I{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
Avira AntiVir Premium-->D:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x7 -removeonly
Bonjour-->MsiExec.exe /X{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
CameraHelperMsi-->MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3}
Canon IJ Network Scan Utility-->"C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSU.exe" /UninstallRemove C:\Program Files\Canon\Canon IJ Network Scan Utility\uninst.ini
Canon IJ Network Tool-->C:\Program Files\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon Kurzwahlprogramm-->"C:\Program Files\Canon\Speed Dial Utility\uninst.exe" /UninstallRemove C:\Program Files\Canon\Speed Dial Utility\uninst.ini
Canon MP Navigator EX 3.1-->"C:\Program Files\Canon\MP Navigator EX 3.1\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 3.1\uninst.ini
Canon MX340 series Benutzerregistrierung-->C:\Program Files\Canon\IJEREG\MX340 series\UNINST.EXE
Canon MX340 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series /L0x0007
Canon Utilities Easy-PhotoPrint EX-->D:\Programme\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
CCleaner-->"D:\Programme\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
C-Media USB2.0 Card Reader-->C:\Windows\CmiUCRUninstall.exe C:\Program Files\C-Media USB2.0 Card Reader
Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}
Command & Conquer™ 3: Kanes Rache-->MsiExec.exe /I{CC2422C9-F7B5-4175-B295-5EC2283AA674}
Command & Conquer™ 4 Tiberian Twilight-->MsiExec.exe /X{82696435-8572-4D8B-A230-D1AA567D0F0F}
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13B792AA-C078-43A4-8A3A-8B12D629940D}\Setup.exe" -l0x19
Creative ALchemy-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x7 /remove
Creative Audio-Systemsteuerung-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7 /remove
Creative Konsole Starter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x7 /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x7 /remove
Crysis WARHEAD(R) Patch-->"C:\ProgramData\{7451F7D5-591C-4490-8D3B-C73A69A0E782}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R) Patch-->C:\ProgramData\{7451F7D5-591C-4490-8D3B-C73A69A0E782}\setup.exe
Crysis WARHEAD(R)-->"C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R)-->C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
CyberLink BD Advisor 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}\Setup.exe" -uninstall
CyberLink Blu-ray Disc Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink Blu-ray Disc Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
CyberLink MediaShow-->"C:\Program Files\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe" /z-uninstall
CyberLink MediaShow-->"C:\Program Files\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
CyberLink PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall
CyberLink PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall
CyberLink UDF Reader 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22D90DD2-8654-4E8A-B2F1-B6B86A2BF390}\Setup.exe" -uninstall
DivX Converter-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
DivX Plus DirectShow Filters-->C:\ProgramData\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe /DSFILTERS
DivX-Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
Easy Tune 6 B09.1120.1-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{457D7505-D665-4F95-91C3-ECB8C56E9ACA}
Eigenschaften von Creative Sound Blaster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x7 /remove
erLT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0007 -removeonly
Fraps (remove only)-->"D:\Programme\Fraps\uninstall.exe"
Free Audio CD Burner version 1.4-->"C:\Program Files\DVDVideoSoft\Free Audio CD Burner\unins000.exe"
Free YouTube to MP3 Converter version 3.7-->"D:\Programme\Free YouTube to MP3 Converter\unins000.exe"
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0007 -removeonly
Großer ADAC ReisePlaner 2008/2009-->"C:\Program Files\InstallShield Installation Information\{9A1D26C2-DC3A-4207-82B3-2983693869D1}\setup.exe" -runfromtemp -l0x0007 -removeonly
ICQ 7.2 Build #3129 Banner Remover 1.0-->"D:\Programme\ICQ-Banner-Remover\unins000.exe"
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
iPhone Explorer-->"D:\Programme\iPhone Explorer\unins000.exe"
iTunes-->MsiExec.exe /I{350FB27C-CF62-4EF3-AF9D-70FF313FE221}
James Cameron's AVATAR(tm): DAS SPIEL-->"C:\Program Files\InstallShield Installation Information\{7E19B002-4CA3-4C9F-BA92-91D101B97219}\setup.exe" -runfromtemp -l0x0007 -removeonly
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
LexiROM 2.0-->"D:\Programme\Microsoft Nachschlagewerke\LexiROM 2.0\Setup\setup.exe"
LG Tool Kit-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\Setup.exe"
LightScribe System Software-->MsiExec.exe /X{CC8E94A2-55C7-4460-953C-2A790180578C}
Logitech GamePanel Software 3.06.109-->MsiExec.exe /X{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}
Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x0007 -removeonly
Logitech Webcam Software-->"C:\Program Files\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=DEU /guid="{D40EB009-0499-459c-A8AF-C9C110766215}"
Logitech Webcam Software-Treiberpaket-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\12.10.1110\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_12.10" /clone_wait /hide_progress
LogMeIn Hamachi-->C:\Windows\system32\\msiexec.exe /i {8A74DEFD-A224-49CC-AB80-4E88BC730125} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{8A74DEFD-A224-49CC-AB80-4E88BC730125}
LWS Facebook-->MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
LWS Gallery-->MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
LWS Help_main-->MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9}
LWS Launcher-->MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
LWS Motion Detection-->MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA}
LWS Pictures And Video-->MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967}
LWS Video Mask Maker-->MsiExec.exe /I{EED027B7-0DB6-404B-8F45-6DFEE34A0441}
LWS VideoEffects-->MsiExec.exe /I{138A4072-9E64-46BD-B5F9-DB2BB395391F}
LWS Webcam Software-->MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189}
LWS WLM Plugin-->MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D}
LWS YouTube Plugin-->MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
Malwarebytes' Anti-Malware-->"D:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Menu Templates - Starter Kit-->MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C}
Microsoft .NET Framework 4 Client Profile DEU Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1031 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile DEU Language Pack-->MsiExec.exe /X{F750C986-5310-3A5A-95F8-4EC71C8AC01C}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{8FB1B528-E260-451E-9B55-E9152F94B80B}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F97E3841-CA9D-4964-9D64-26066241D26F}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Rechner-Plus-->MsiExec.exe /I{437C19B3-7E20-4E39-B868-CA6BAA820E1C}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Movie Templates - Starter Kit-->MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0}
Mozilla Firefox (3.6.8)-->D:\Programme\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Need For Speed SHIFT-->"E:\Spiele\Need For Speed SHIFT\Uninstall\unins000.exe"
Need for Speed™ SHIFT-->hex(2):4d,00,73,00,69,00,45,00,78,00,65,00,63,00,2e,00,65,00,78,00,65,00,20,00,2f,00,58,00,7b,00,42,00,42,00,46,00,30,00,41,00,36,00,37,00,42,00,2d,00,35,00,44,00,42,00,41,00,2d,00,34,00,35,00,32,00,46,00,2d,00,39,00,44,00,32,00,45,00,2d,00,36,00,46,00,31,00,36,00,38,00,42,00,43,00,32,00,32,00,36,00,45,00,34,00,7d,00,00,00
Nero 9 Trial-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-209M-AH6P-5UW0-WHAW-C53X-473X-79MH"
Nero BurnRights-->MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB}
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}
Nero Disc Copy Gadget-->MsiExec.exe /X{F1861F30-3419-44DB-B2A1-C274825698B3}
Nero DiscSpeed-->MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C}
Nero DriveSpeed-->MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A}
Nero InfoTool-->MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero PhotoSnap-->MsiExec.exe /X{9E82B934-9A25-445B-B8DF-8012808074AC}
Nero Recode-->MsiExec.exe /X{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}
Nero Rescue Agent-->MsiExec.exe /X{368BA326-73AD-4351-84ED-3C0A7A52CC53}
Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B}
Nero WaveEditor-->MsiExec.exe /X{A209525B-3377-43F4-B886-32F6B6E7356F}
NeroBurningROM-->MsiExec.exe /X{D025A639-B9C9-417D-8531-208859000AF8}
NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->"C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x0407 -removeonly
NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
NVIDIA Performance-->"C:\Program Files\InstallShield Installation Information\{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}\setup.exe" -runfromtemp -l0x0407 -removeonly
NVIDIA Performance-->MsiExec.exe /I{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA System Monitor-->"C:\Program Files\InstallShield Installation Information\{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}\setup.exe" -runfromtemp -l0x0407 -removeonly
NVIDIA System Monitor-->MsiExec.exe /I{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}
NVIDIA System Update-->"C:\Program Files\InstallShield Installation Information\{65A92AAA-3D05-4C94-9F70-731C05E60C16}\setup.exe" -runfromtemp -l0x0407 -removeonly
NVIDIA System Update-->MsiExec.exe /I{65A92AAA-3D05-4C94-9F70-731C05E60C16}
OpenAL-->"C:\Program Files\OpenAL\OALInst.exe" /U
oZone3D.Net FurMark v1.7.0-->"D:\Programme\FurMark_v1.7.0\unins000.exe"
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
pdf24-->"D:\Programme\pdf24\unins000.exe"
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
QuickTime-->MsiExec.exe /I{EB900AF8-CC61-4E15-871B-98D1EA3E8025}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition-->"D:\Programme\RivaTuner\uninstall.exe"
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0007 -removeonly
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
SiSoftware Sandra Lite 2010-->"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\unins000.exe"
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoundTrax-->MsiExec.exe /X{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
SUPER © Version 2009.bld.36 (June 10, 2009)-->D:\PROGRA~1\SUPER\Setup.exe /remove /q0
Tom Clancy's Splinter Cell Conviction-->"C:\Program Files\InstallShield Installation Information\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}\setup.exe" -runfromtemp -l0x0007 -removeonly
TuneUp Utilities-->D:\Programme\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
Ubisoft Game Launcher-->"C:\Program Files\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Virtual DJ - Atomix Productions-->D:\PROGRA~1\VIRTUA~3\UNWISE.EXE D:\PROGRA~1\VIRTUA~3\INSTALL.LOG
VLC media player 1.0.3-->D:\Programme\VLC\uninstall.exe
WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
Winamp-->"D:\Programme\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live ID-Anmelde-Assistent-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->D:\Programme\WinRAR\uninstall.exe
WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
======System event log======
Computer Name: Marko-Core2Quad
Event Code: 7036
Message: Dienst "Benutzerprofildienst" befindet sich jetzt im Status "Beendet".
Record Number: 93760
Source Name: Service Control Manager
Time Written: 20100523094637.220000-000
Event Type: Informationen
User:
Computer Name: Marko-Core2Quad
Event Code: 7036
Message: Dienst "IPsec-Richtlinien-Agent" befindet sich jetzt im Status "Beendet".
Record Number: 93759
Source Name: Service Control Manager
Time Written: 20100523094637.220000-000
Event Type: Informationen
User:
Computer Name: Marko-Core2Quad
Event Code: 7036
Message: Dienst "Plug & Play" befindet sich jetzt im Status "Beendet".
Record Number: 93758
Source Name: Service Control Manager
Time Written: 20100523094637.220000-000
Event Type: Informationen
User:
Computer Name: Marko-Core2Quad
Event Code: 20010
Message: Der Status von mindestens einem Subsystem des Plug & Play-Dienstes hat sich geändert.
PlugPlay-Installationssubsystem aktiviert: "false"
PlugPlay-Zwischenspeicherungssubsystem aktiviert: "false"
Record Number: 93757
Source Name: Microsoft-Windows-UserPnp
Time Written: 20100523094637.220000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: Marko-Core2Quad
Event Code: 7036
Message: Dienst "Stromversorgung" befindet sich jetzt im Status "Beendet".
Record Number: 93756
Source Name: Service Control Manager
Time Written: 20100523094637.220000-000
Event Type: Informationen
User:
=====Application event log=====
Computer Name: 37L4247D28-05
Event Code: 1001
Message: Fehlerbucket , Typ 0
Ereignisname: PnPDriverNotFound
Antwort: Nicht verfügbar
CAB-Datei-ID: 0
Problemsignatur:
P1: x86
P2: PCI\VEN_10DE&DEV_0AA3&SUBSYS_0AA31458&REV_B1
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:
Angefügte Dateien:
C:\Windows\Temp\DMI7416.tmp.log.xml
Diese Dateien befinden sich möglicherweise hier:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_3f579b17b8205aa3c391feb43aad634ece0c413_cab_06857473
Analysesymbol:
Es wird erneut nach einer Lösung gesucht: 0
Berichts-ID: 2b66d900-e033-11de-9c55-c098735b2bac
Berichtstatus: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20091203174205.000000-000
Event Type: Informationen
User:
Computer Name: 37L4247D28-05
Event Code: 5617
Message: Die Subsysteme des Windows-Verwaltungsinstrumentationsdienstes wurden erfolgreich initialisiert.
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20091203174127.000000-000
Event Type: Informationen
User:
Computer Name: 37L4247D28-05
Event Code: 5615
Message: Der Windows-Verwaltungsinstrumentationsdienst wurde erfolgreich gestartet.
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20091203174125.000000-000
Event Type: Informationen
User:
Computer Name: 37L4247D28-05
Event Code: 1531
Message: Der Benutzerprofildienst wurde erfolgreich gestartet.
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091203174123.276400-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: 37L4247D28-05
Event Code: 4625
Message: Das EventSystem-Subsystem unterdrückt duplizierte Ereignisprotokolleinträge für eine Dauer von 86400 Sekunden. Dieses Zeitlimit kann durch den REG_DWORD-Wert SuppressDuplicateDuration unter folgendem Registrierungsschlüssel gesteuert werden: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20091203174123.000000-000
Event Type: Informationen
User:
=====Security event log=====
Computer Name: Marko-Core2Quad
Event Code: 4647
Message: Benutzerinitiierte Abmeldung:
Antragsteller:
Sicherheits-ID: S-1-5-21-1148797400-2758010390-2342801227-1000
Kontoname: Marko
Kontodomäne: Marko-Core2Quad
Anmelde-ID: 0x1dbdc
Dieses Ereignis wird generiert, wenn eine Abmeldung initiiert wird. Es kann keine weitere benutzerinitiierte Aktivität erfolgen. Dieses Ereignis kann als Abmeldeereignis interpretiert werden.
Record Number: 832
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091206125822.167200-000
Event Type: Überwachung erfolgreich
User:
Computer Name: Marko-Core2Quad
Event Code: 4672
Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Berechtigungen: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 831
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091206123145.178400-000
Event Type: Überwachung erfolgreich
User:
Computer Name: Marko-Core2Quad
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: MARKO-CORE2QUAD$
Kontodomäne: WORKGROUP
Anmelde-ID: 0x3e7
Anmeldetyp: 5
Neue Anmeldung:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Prozessinformationen:
Prozess-ID: 0x22c
Prozessname: C:\Windows\System32\services.exe
Netzwerkinformationen:
Arbeitsstationsname:
Quellnetzwerkadresse: -
Quellport: -
Detaillierte Authentifizierungsinformationen:
Anmeldeprozess: Advapi
Authentifizierungspaket: Negotiate
Übertragene Dienste: -
Paketname (nur NTLM): -
Schlüssellänge: 0
Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
- Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 830
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091206123145.178400-000
Event Type: Überwachung erfolgreich
User:
Computer Name: Marko-Core2Quad
Event Code: 4672
Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Berechtigungen: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 829
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091206123144.333400-000
Event Type: Überwachung erfolgreich
User:
Computer Name: Marko-Core2Quad
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: MARKO-CORE2QUAD$
Kontodomäne: WORKGROUP
Anmelde-ID: 0x3e7
Anmeldetyp: 5
Neue Anmeldung:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Prozessinformationen:
Prozess-ID: 0x22c
Prozessname: C:\Windows\System32\services.exe
Netzwerkinformationen:
Arbeitsstationsname:
Quellnetzwerkadresse: -
Quellport: -
Detaillierte Authentifizierungsinformationen:
Anmeldeprozess: Advapi
Authentifizierungspaket: Negotiate
Übertragene Dienste: -
Paketname (nur NTLM): -
Schlüssellänge: 0
Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
- Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 828
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091206123144.333400-000
Event Type: Überwachung erfolgreich
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Apple\Mobile Device Support\bin\;C:\Program Files\Common Files\Apple\Apple Application Support\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=1707
"SAN_DIR"=D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010
"RGSCLauncher"=H:\Spiele\Rockstar Games\Rockstar Games Social Club
"RGSC"=H:\Spiele\Rockstar Games\Rockstar Games Social Club\1_0_0_0
"asl.log"=Destination=file;OnFirstLog=command,environment
"CLASSPATH"=.;D:\Programme\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=D:\Programme\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
log.txt RSIT Logfile: Code:
ATTFilter Logfile of random's system information tool 1.08 (written by random/random) Run by xxx at 2010-09-14 16:41:05 Microsoft Windows 7 Home Premium System drive C: has 100 GB (67%) free of 150 GB Total RAM: 3327 MB (60% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:41:14, on 14.09.2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe D:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\Ctxfihlp.exe D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe D:\Programme\RocketDock\RocketDock.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Programme\Logitech\SetPoint\SetPoint.exe F:\Logitech\G15\NM Monitor\nmmonitor.exe D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe D:\Programme\RivaTuner\RivaTuner.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Windows\SYSTEM32\CTXFISPI.EXE C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GPUMonitor.exe D:\Programme\Mozilla Firefox\firefox.exe D:\Programme\Mozilla Firefox\plugin-container.exe C:\Windows\system32\SearchFilterHost.exe D:\Programme\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Marko\Desktop\RSIT.exe C:\Program Files\trend micro\Marko.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Programme\Real\rpbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O4 - HKLM\..\Run: [avgnt] "D:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [RivaTuner] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /T O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /S O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKCU\..\Run: [RocketDock] "D:\Programme\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user') O4 - Startup: nmmonitor.exe - Verknüpfung.lnk = F:\Logitech\G15\NM Monitor\nmmonitor.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Marko\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Programme\Hamachi\hamachi-2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: MBAMService - Malwarebytes Corporation - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- End of file - 13827 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Automatische Wartung.job C:\Windows\tasks\brs.exe_20100218_183231_0539.job C:\Windows\tasks\brs.exe_20100218_205404_0673.job C:\Windows\tasks\PDVDServ.EXE_20100218_183235_0816.job C:\Windows\tasks\PDVDServ.EXE_20100218_205409_0682.job C:\Windows\tasks\SidebarExecute.job C:\Windows\tasks\{0573519D-DF95-4934-9530-B23267EACD99}.job C:\Windows\tasks\{12739128-407D-4DB8-80B3-577F199F1572}.job C:\Windows\tasks\{5438C122-0EC3-4ECF-B357-4D3F4CA1A8BB}.job C:\Windows\tasks\{6FC708E8-D1A8-4975-864D-F5194212C43A}.job C:\Windows\tasks\{D8514EF7-1317-480C-A975-389FDA41E8A8}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}] ContributeBHO Class - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - D:\Programme\Real\rpbrowserrecordplugin.dll [2009-12-03 329312] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - D:\Programme\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640] {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avgnt"=D:\Programme\Avira\AntiVir Desktop\avgnt.exe [2010-03-26 282792] "RivaTuner"=D:\Programme\RivaTuner\RivaTunerWrapper.exe [2009-08-22 24576] "RivaTunerStartupDaemon"=D:\Programme\RivaTuner\RivaTunerWrapper.exe [2009-08-22 24576] ""= [] "Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 55824] "CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2010-05-05 25600] "Malwarebytes' Anti-Malware"=D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584] "IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-09-28 140640] "Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2010-08-03 358472] "Launch LCDMon"=C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2010-08-03 1809992] "Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2010-08-03 3649096] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RocketDock"=D:\Programme\RocketDock\RocketDock.exe [2007-09-02 495616] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] D:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-06-19 640440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher] D:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2010-06-19 38840] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-12-14 611712] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE [2008-08-15 378224] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-09-04 75048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer] D:\Programme\CyberLink\Power2Go\CLMLSvc.exe [2008-07-18 104936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] D:\Programme\D-Tools\DTLite.exe [2009-10-30 369200] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core] E:\Spiele\Electronic Arts\EADM\Core.exe -silent [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] D:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] D:\Programme\ICQ7.2\ICQ.exe [2010-06-28 133368] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -minimize [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] D:\Programme\iTunes\iTunesHelper.exe [2010-09-01 421160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] D:\Programme\CyberLink\PowerDVD\Language\Language.exe [2009-04-16 62760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU] C:\Program Files\lg_fwupdate\fwupdate.exe [2010-02-18 557056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] C:\Program Files\Logitech\Webcam\Logitech WebCam Software\LWS.exe /hide [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] D:\Programme\Hamachi\hamachi-2-ui.exe [2010-03-30 1820040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NM Monitor] F:\Logitech\G15\NM Monitor\nmmonitor.exe [2010-04-26 1810432] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] D:\Programme\CyberLink\PowerDVD\PDVDServ.exe [2009-04-16 87336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-12-03 198160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] D:\Programme\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-02-21 222504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] D:\Programme\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-09-24 210216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut] D:\Programme\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-06-13 210216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut] D:\Programme\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [2008-10-20 210216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk] C:\PROGRA~1\Logitech\Webcam\LOGITE~1\eReg.exe /remind /language=DEU /_WFM=. [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk] D:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Logitech SetPoint.lnk - C:\Programme\Logitech\SetPoint\SetPoint.exe C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup nmmonitor.exe - Verknüpfung.lnk - F:\Logitech\G15\NM Monitor\nmmonitor.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2009-07-20 72208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoRecentDocsNetHood"=1 "NoDrives"=0x00000000 "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-09-14 16:41:07 ----D---- C:\Program Files\trend micro 2010-09-14 16:41:05 ----D---- C:\rsit 2010-09-12 13:44:52 ----D---- C:\Program Files\iPod 2010-09-12 13:43:29 ----D---- C:\Program Files\QuickTime 2010-09-12 13:42:39 ----D---- C:\Program Files\Apple Software Update 2010-09-12 13:41:54 ----D---- C:\Program Files\Bonjour 2010-09-12 13:13:01 ----A---- C:\Windows\system32\CNMXLMA5.DLL 2010-09-12 10:31:34 ----A---- C:\Windows\system32\o4Patch.exe 2010-09-11 18:56:47 ----D---- C:\Users\Marko\AppData\Roaming\citidcgjg 2010-09-10 16:30:38 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-09-10 16:30:38 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-09-10 00:04:54 ----D---- C:\Program Files\Avira 2010-09-09 22:01:07 ----D---- C:\Users\Marko\AppData\Roaming\vnckrnaux 2010-09-09 22:00:37 ----D---- C:\Users\Marko\AppData\Roaming\E7270447A11B5D97670355A83EA350FD 2010-09-05 18:01:02 ----D---- C:\Users\Marko\AppData\Roaming\Canon 2010-09-05 17:42:10 ----A---- C:\Windows\system32\SETC52D.tmp 2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNHMCA.dll 2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340U.dll 2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340L.dll 2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340I.dll 2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340C.dll 2010-09-05 17:38:49 ----D---- C:\Program Files\Common Files\CANON 2010-09-05 17:37:25 ----HD---- C:\ProgramData\CanonBJ 2010-09-05 17:37:18 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information 2010-09-05 17:37:05 ----A---- C:\Windows\system32\CNMLMA5.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkUS.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTW.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTR.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTH.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkSE.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkRU.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkPT.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkPL.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkNO.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkNL.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkKR.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkJP.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkIT.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkID.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkHU.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkGR.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkFR.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkFI.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkES.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkDK.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkDE.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkCZ.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkCN.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkAR.DLL 2010-09-05 17:36:59 ----A---- C:\Windows\system32\CNCFMSk.EXE 2010-09-05 17:36:59 ----A---- C:\Windows\system32\CNCF2Lk.DLL 2010-09-05 17:36:51 ----A---- C:\Windows\system32\CNMIUA5.DLL 2010-09-05 17:36:40 ----HD---- C:\Program Files\CanonBJ 2010-09-05 17:36:31 ----D---- C:\Windows\system32\STRING 2010-09-05 17:36:31 ----A---- C:\Windows\system32\CNMNPUI.DLL 2010-09-05 17:36:31 ----A---- C:\Windows\system32\CNMNPPM.DLL 2010-09-05 17:36:30 ----D---- C:\Windows\system32\CHM 2010-09-05 17:34:41 ----D---- C:\Program Files\Canon 2010-08-30 23:12:10 ----N---- C:\Windows\system32\oleaut32.dll 2010-08-30 23:12:10 ----A---- C:\Windows\system32\oleaut32(815).dll 2010-08-30 19:08:13 ----D---- C:\Users\Marko\AppData\Roaming\NVIDIA 2010-08-30 19:07:46 ----A---- C:\Windows\system32\XAudio2_7.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\xactengine3_7.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\D3DX9_43.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dx11_43.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dx10_43.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dcsx_43.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2010-08-30 19:07:45 ----A---- C:\Windows\system32\XAudio2_6.dll 2010-08-30 19:07:45 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2010-08-30 19:07:45 ----A---- C:\Windows\system32\xactengine3_6.dll 2010-08-30 19:07:45 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2010-08-29 19:58:01 ----RA---- C:\Windows\system32\AdobePDFUI.dll 2010-08-19 09:40:35 ----D---- C:\Users\Marko\AppData\Roaming\Vodafone 2010-08-19 09:40:35 ----D---- C:\Users\Marko\AppData\Roaming\Bytemobile 2010-08-19 09:40:06 ----D---- C:\ProgramData\Vodafone 2010-08-19 09:39:59 ----D---- C:\Program Files\Vodafone 2010-08-19 09:39:28 ----A---- C:\Windows\system32\SpOrder.dll ======List of files/folders modified in the last 1 months====== 2010-09-14 16:41:14 ----D---- C:\Windows\Temp 2010-09-14 16:41:07 ----D---- C:\Program Files 2010-09-14 16:35:54 ----D---- C:\ProgramData\NVIDIA 2010-09-14 16:35:53 ----D---- C:\Windows\system32\logishrd 2010-09-13 23:52:15 ----D---- C:\Windows\System32 2010-09-13 23:49:48 ----D---- C:\Windows 2010-09-13 23:49:15 ----D---- C:\Windows\AppPatch 2010-09-13 23:46:58 ----D---- C:\Windows\system32\LogFiles 2010-09-13 22:20:14 ----D---- C:\Users\Marko\AppData\Roaming\ICQ 2010-09-13 19:15:51 ----SHD---- C:\System Volume Information 2010-09-12 23:01:39 ----D---- C:\Windows\system32\config 2010-09-12 22:56:45 ----D---- C:\Users\Marko\AppData\Roaming\Skype 2010-09-12 22:56:02 ----D---- C:\Windows\system32\drivers 2010-09-12 20:56:46 ----D---- C:\Users\Marko\AppData\Roaming\skypePM 2010-09-12 13:58:59 ----D---- C:\Boot 2010-09-12 13:58:03 ----D---- C:\Windows\system32\catroot 2010-09-12 13:45:28 ----SHD---- C:\Windows\Installer 2010-09-12 13:45:23 ----SHD---- C:\Config.Msi 2010-09-12 13:44:52 ----D---- C:\Program Files\Common Files\Apple 2010-09-12 13:42:33 ----D---- C:\Windows\inf 2010-09-12 13:42:17 ----D---- C:\Windows\system32\DriverStore 2010-09-12 13:29:53 ----D---- C:\Windows\Minidump 2010-09-12 13:15:45 ----D---- C:\ProgramData\Logitech 2010-09-12 13:13:14 ----D---- C:\Windows\system32\catroot2 2010-09-12 13:12:36 ----D---- C:\ProgramData 2010-09-12 13:12:32 ----D---- C:\Windows\twain_32 2010-09-12 13:07:26 ----D---- C:\Users\Marko\AppData\Roaming\Taypy 2010-09-12 13:04:15 ----D---- C:\Windows\system32\wbem 2010-09-12 13:03:11 ----D---- C:\Windows\winsxs 2010-09-12 13:03:11 ----D---- C:\Windows\Tasks 2010-09-12 13:03:11 ----D---- C:\Windows\system32\wfp 2010-09-12 13:03:11 ----D---- C:\Users 2010-09-12 13:03:10 ----D---- C:\Windows\system32\Tasks 2010-09-12 13:03:06 ----D---- C:\Windows\system32\CodeIntegrity 2010-09-12 13:03:05 ----D---- C:\Windows\Media 2010-09-12 13:03:05 ----D---- C:\Windows\Downloaded Program Files 2010-09-12 13:03:05 ----D---- C:\Users\Marko\AppData\Roaming\Winamp 2010-09-12 13:03:05 ----D---- C:\Users\Marko\AppData\Roaming\Kaam 2010-09-12 13:03:00 ----D---- C:\ProgramData\DivX 2010-09-12 13:03:00 ----D---- C:\ProgramData\Apple Computer 2010-09-12 13:02:58 ----D---- C:\Program Files\Microsoft Silverlight 2010-09-12 13:02:57 ----D---- C:\Program Files\DVDVideoSoft 2010-09-12 13:02:57 ----D---- C:\Program Files\DivX 2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\PX Storage Engine 2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\Logishrd 2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\DVDVideoSoft 2010-09-12 13:02:56 ----D---- C:\Program Files\Common Files 2010-09-12 13:02:55 ----D---- C:\NVIDIA 2010-09-12 13:02:47 ----D---- C:\Windows\registration 2010-09-12 13:01:41 ----D---- C:\Users\Marko\AppData\Roaming\Adobe 2010-09-12 13:01:34 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-09-10 18:39:46 ----D---- C:\Windows\Sun 2010-09-10 17:46:07 ----D---- C:\Windows\debug 2010-09-09 22:33:02 ----D---- C:\Windows\SoftwareDistribution 2010-09-04 13:07:28 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-09-02 17:10:49 ----D---- C:\ProgramData\Adobe 2010-08-31 16:12:49 ----A---- C:\Windows\ULead32.ini 2010-08-30 19:07:59 ----D---- C:\Program Files\NVIDIA Corporation 2010-08-30 19:07:37 ----D---- C:\Windows\assembly 2010-08-26 14:40:34 ----A---- C:\Windows\system32\authuitu(812).dll 2010-08-26 14:40:24 ----A---- C:\Windows\system32\uxtuneup(813).dll 2010-08-25 18:16:51 ----A---- C:\Windows\system32\ssprs.dll 2010-08-25 18:16:50 ----A---- C:\Windows\system32\lsprst7.dll 2010-08-25 18:16:50 ----A---- C:\Windows\SurCode.INI 2010-08-15 13:44:35 ----D---- C:\Users\Marko\AppData\Roaming\vlc ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 CLBStor;CyberLink InstantBurn UDF Reader Help Driver; C:\Windows\system32\drivers\CLBStor.sys [2008-10-20 10368] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-02-06 44608] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-03 691696] R1 avgio;avgio; \??\D:\Programme\Avira\AntiVir Desktop\avgio.sys [2009-12-03 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-26 124784] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160] R1 hwinterface;hwinterface; C:\Windows\System32\Drivers\hwinterface.sys [2009-12-03 2996] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-12-03 28520] R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-12-14 73312] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-03-26 60936] R2 CLBUDFR;CyberLink UDF Filesystem; C:\Windows\system32\drivers\CLBUDFR.sys [2008-10-20 154368] R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] R2 vcs;vcs; \??\D:\Programme\AV VCS 3.0 Gold\vcs.sys [2003-04-30 6852] R3 CMISTOR;CMIUCR.SYS CM320/CM220 Card Reader Driver; C:\Windows\system32\DRIVERS\cmiucr.SYS [2007-09-10 95616] R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2010-05-05 171096] R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-05-05 511064] R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-05-05 526296] R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2010-05-05 1324120] R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2010-05-05 72792] R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-05-05 14424] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-05-05 158808] R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760] R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984] R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-05-05 95832] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2010-05-05 1178200] R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-23 14856] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392] R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2010-05-07 25824] R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2010-05-15 276448] R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [2005-01-31 22016] R3 LVUVC;Logitech Webcam Pro 9000(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-04-29 20952] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224] R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-07-30 287392] R3 nvoclock;NVIDIA Enthusiasts Platform KDM; C:\Windows\system32\DRIVERS\nvoclock.sys [2009-09-15 38248] R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-24 15872] R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-05-05 130136] R3 RivaTuner32;RivaTuner32; \??\D:\Programme\RivaTuner\RivaTuner32.sys [2009-08-22 9088] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312] S3 AODDriver;AODDriver; \??\C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [2009-02-23 7168] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888] S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2010-05-05 171096] S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2010-05-05 347144] S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2010-05-05 1324120] S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2010-05-05 72792] S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664] S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2010-01-09 17488] S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-03-06 17488] S3 GVTDrv;GVTDrv; \??\C:\Windows\system32\Drivers\GVTDrv.sys [2010-03-06 24944] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-11-03 2790048] S3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-09-08 1063712] S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712] S3 SANDRA;SANDRA; \??\D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\Sandra.sys [2009-08-08 23112] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984] S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirMailService;Avira AntiVir MailGuard; D:\Programme\Avira\AntiVir Desktop\avmailc.exe [2010-04-19 337064] R2 AntiVirSchedulerService;Avira AntiVir Planer; D:\Programme\Avira\AntiVir Desktop\sched.exe [2010-03-26 135336] R2 AntiVirService;Avira AntiVir Guard; D:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-04-19 267432] R2 AntiVirWebService;Avira AntiVir WebGuard; D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [2010-04-19 405672] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672] R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376] R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200] R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-08-10 387616] R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Programme\Hamachi\hamachi-2.exe [2010-03-30 1107336] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728] R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648] R2 MBAMService;MBAMService; D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208] R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 178720] R2 nTuneService;Performance Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2010-03-22 191080] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-08-11 66872] R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-08-11 107832] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-26 1051968] R2 UpdateCenterService;Update Center Service; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2009-11-06 195176] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-12-14 288112] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-02-18 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-12-03 79360] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-06 655624] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2009-07-20 121360] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 SandraAgentSrv;SiSoftware Deployment Agent Service; D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe [2009-08-24 93336] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-11-15 320760] S3 TuneUp.Defrag;@D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-09-11 435008] -----------------EOF----------------- |
|
14.09.2010, 16:15
| #5 |
| | Windows Update und Windows Gadgets durch Virus blockiert CC Cleaner (Programme) Code:
ATTFilter 3DMark06 Futuremark 03.12.2009 1.0.2
7-Zip 4.62 03.12.2009
Acrobat.com Adobe Systems Incorporated 05.12.2009 1.2.443
Adobe AIR Adobe Systems Inc. 08.04.2010 1.5.3.9130
Adobe Creative Suite 4 Master Collection Adobe Systems Incorporated 05.12.2009 933,4MB 4.0
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 02.07.2010 6,00MB 10.1.53.64
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 27.08.2010 6,00MB 10.1.82.76
Adobe Media Player Adobe Systems Incorporated 05.12.2009 1.1
Adobe Reader 9 - Deutsch Adobe Systems Incorporated 02.12.2009 194,7MB 9.0.0
Age of Empires III Microsoft Game Studios 19.12.2009 2.113,9MB 1.00.0000
Apple Application Support Apple Inc. 11.09.2010 42,8MB 1.3.2
Apple Mobile Device Support Apple Inc. 11.09.2010 20,1MB 3.2.0.47
Apple Software Update Apple Inc. 11.09.2010 2,26MB 2.1.2.120
Avira AntiVir Premium Avira GmbH 21.04.2010 10.0.0.603
Battlefield 2(TM) 10.12.2009
Bonjour Apple Inc. 11.09.2010 0,76MB 2.0.3.0
C-Media USB2.0 Card Reader 03.12.2009
Canon IJ Network Scan Utility 11.09.2010
Canon IJ Network Tool 11.09.2010
Canon Kurzwahlprogramm 04.09.2010
Canon MP Navigator EX 3.1 04.09.2010
Canon MX340 series Benutzerregistrierung 04.09.2010
Canon MX340 series MP Drivers 04.09.2010
Canon Utilities Easy-PhotoPrint EX 04.09.2010
Canon Utilities My Printer 04.09.2010
CCleaner Piriform 02.08.2010 2.34
Command & Conquer 3 Ihr Firmenname 26.12.2009 1.210,3MB 1.00.0000
Command & Conquer™ 3: Kanes Rache Ihr Firmenname 26.12.2009 3.365,8MB 1.00.0000
Command & Conquer™ 4 Tiberian Twilight Electronic Arts 02.08.2010 422,2MB 1.0.0.0
Counter-Strike 1.6 01.01.2010 1.00.0000
Creative ALchemy Creative Technology Limited 17.02.2010 1.41
Creative Audio-Systemsteuerung Creative Technology Limited 02.08.2010 2.00
Creative Konsole Starter Creative Technology Limited 02.12.2009
Creative Software AutoUpdate Creative Technology Limited 02.08.2010 1.40
Crysis WARHEAD(R) Electronic Arts 11.02.2010
Crysis WARHEAD(R) Patch Electronic Arts 11.02.2010
Crysis(R) Electronic Arts 01.01.2010 2.959,3MB 1.21.0000
CyberLink BD Advisor 2.0 17.02.2010
CyberLink Blu-ray Disc Suite CyberLink Corp. 17.02.2010 12,4MB 6.0.2201
CyberLink LabelPrint CyberLink Corp. 17.02.2010 2.0.3301
CyberLink MediaShow CyberLink Corp. 17.02.2010 186,9MB 4.1.2124
CyberLink Power2Go CyberLink Corp. 17.02.2010 99,7MB 6.0.2221
CyberLink PowerDVD CyberLink Corp. 17.02.2010 7.3.5711.1
CyberLink PowerProducer CyberLink Corp. 17.02.2010 150,3MB 5.0819
CyberLink UDF Reader 5.0 17.02.2010
DivX Converter DivX, Inc. 30.06.2010 7.1.0
DivX Plus DirectShow Filters DivX, Inc. 30.06.2010
DivX-Setup DivX, Inc. 03.09.2010 2.0.4.2
Easy Tune 6 B09.1120.1 GIGABYTE 08.01.2010 21,0MB 1.00.0000
Eigenschaften von Creative Sound Blaster Creative Technology Limited 02.08.2010 1.02
Facebook Plug-In Facebook, Inc. 19.06.2010
Far Cry 2 Ubisoft 10.08.2010 1.03.00
Fraps (remove only) 12.12.2009
Free Audio CD Burner version 1.4 DVDVideoSoft Limited. 02.08.2010 8,08MB
Free YouTube to MP3 Converter version 3.7 DVDVideoSoft Limited. 02.08.2010 32,0MB
Grand Theft Auto IV Rockstar Games 10.12.2009 1.00.0000
Großer ADAC ReisePlaner 2008/2009 03.12.2009
ICQ 7.2 Build #3129 Banner Remover 1.0 murb.com 27.06.2010 1,02MB
ICQ7.2 ICQ 27.06.2010 7.2
iPhone Explorer Marx Softwareentwicklung (Germany) 30.01.2010 4,79MB 0.9.0
iTunes Apple Inc. 11.09.2010 135,9MB 10.0.0.68
James Cameron's AVATAR(tm): DAS SPIEL Ubisoft 26.01.2010 1.02.00
Java(TM) 6 Update 17 Sun Microsystems, Inc. 02.12.2009 94,9MB 6.0.170
LexiROM 2.0 02.12.2009
LG Tool Kit 17.02.2010 9.01.1124.01
LightScribe System Software LightScribe 17.02.2010 24,0MB 1.18.8.1
Logitech GamePanel Software 3.06.109 Logitech Inc. 11.09.2010 17,6MB 3.06.109
Logitech SetPoint Logitech 03.01.2010 17,00KB 4.80
Logitech Webcam Software Logitech Inc. 23.07.2010 2.0
Logitech Webcam Software-Treiberpaket Logitech Inc. 04.05.2010 12.10.1110
LogMeIn Hamachi LogMeIn, Inc. 29.03.2010 2.0.2.85
Malwarebytes' Anti-Malware Malwarebytes Corporation 11.09.2010 8,51MB
Microsoft .NET Compact Framework 2.0 SP1 Microsoft Corporation 08.04.2010 91,0MB 2.0.6129
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 25.06.2010 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 25.06.2010 2,94MB 4.0.30319
Microsoft Games for Windows - LIVE Microsoft Corporation 16.06.2010 7,86MB 3.3.24.0
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 16.06.2010 32,3MB 3.2.3.0
Microsoft Office Enterprise 2007 Microsoft Corporation 03.12.2009 12.0.6425.1000
Microsoft Office Live Add-in 1.5 Microsoft Corporation 16.06.2010 0,50MB 2.0.4024.1
Microsoft Rechner-Plus Microsoft 02.12.2009 0,92MB 1.0.0
Microsoft Silverlight Microsoft Corporation 16.06.2010 60,8MB 4.0.50524.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 02.12.2009 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 17.02.2010 2,69MB 8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 02.12.2009 0,20MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 02.12.2009 0,58MB 9.0.30729
Mozilla Firefox (3.6.8) Mozilla 24.07.2010 3.6.8 (de)
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 04.12.2009 35,00KB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 04.12.2009 1,33MB 4.20.9876.0
Need For Speed SHIFT Electronic Arts 26.12.2009
Nero 9 Trial Nero AG 17.02.2010
NVIDIA Display Control Panel NVIDIA Corporation 02.08.2010 129,0MB 6.14.12.5896
NVIDIA Drivers NVIDIA Corporation 02.08.2010 67,5MB 1.10.62.40
NVIDIA ForceWare Network Access Manager NVIDIA Corporation 02.12.2009 32,9MB 1.00.7316
NVIDIA Performance NVIDIA Corporation 02.08.2010 23,4MB 6.5
NVIDIA PhysX NVIDIA Corporation 29.08.2010 73,2MB 9.10.0513
NVIDIA Stereoscopic 3D Driver NVIDIA Corporation 02.08.2010 7.17.12.5896
NVIDIA System Monitor NVIDIA Corporation 02.08.2010 18,0MB 6.5
NVIDIA System Update NVIDIA Corporation 02.08.2010 3,60MB 3.00
OpenAL 02.12.2009
oZone3D.Net FurMark v1.7.0 oZone3D.Net 05.12.2009
pdf24 PDF24.org 03.12.2009
PunkBuster Services Even Balance, Inc. 01.01.2010 0.986
QuickTime Apple Inc. 11.09.2010 73,7MB 7.67.75.0
RealPlayer RealNetworks 02.12.2009
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 07.12.2009 6.0.1.5973
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition Alexey Nicolaychuk 05.12.2009 v2.24 MSI Master Overclocking Arena 2009 edition
Rockstar Games Social Club Rockstar Games 10.12.2009 1.00.0000
SiSoftware Sandra Lite 2010 SiSoftware 08.12.2009 67,7MB 16.11.2010.1
Skype™ 4.2 Skype Technologies S.A. 23.07.2010 31,7MB 4.2.169
SUPER © Version 2009.bld.36 (June 10, 2009) eRightSoft 13.12.2009 Version 2009.bld.36 (June 10, 2009)
Tom Clancy's Splinter Cell Conviction Ubisoft 31.05.2010 1.04.000
TuneUp Utilities TuneUp Software 02.12.2009 9.0.2010.9
Ubisoft Game Launcher UBISOFT 31.05.2010 1.0.0.0
Uninstall 1.0.0.1 02.08.2010 10,5MB
Virtual DJ - Atomix Productions 14.12.2009
VLC media player 1.0.3 VideoLAN Team 02.12.2009 1.0.3
WD Diagnostics Western Digital Technologies 03.08.2010 0,81MB 1.09.0002
Winamp Nullsoft, Inc 19.07.2010 5.581
Winamp Erkennungs-Plug-in Nullsoft, Inc 19.07.2010 75,00KB 1.0.0.1
Windows Live Essentials Microsoft Corporation 02.12.2009 14.0.8089.0726
Windows Live ID-Anmelde-Assistent Microsoft Corporation 16.06.2010 5,52MB 6.500.3165.0
Windows Live-Uploadtool Microsoft Corporation 02.12.2009 0,22MB 14.0.8014.1029
Windows Media Player Firefox Plugin Microsoft Corp 02.12.2009 0,29MB 1.0.0.8
WinRAR 02.12.2009
WinZip 11.1 WinZip Computing, S.L. 02.12.2009 11,1MB 11.1.7466
Code:
ATTFilter GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-09-14 17:02:22
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\Marko\AppData\Local\Temp\awryyaog.sys
---- System - GMER 1.0.15 ----
INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83243AF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83243104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832433F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322C2D8
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8322B898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832431DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83243958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832436F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83243F2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 832441A8
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82E5C599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E80F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? System32\Drivers\spoz.sys Das System kann den angegebenen Pfad nicht finden. !
.text USBPORT.SYS!DllUnload 913AECA0 5 Bytes JMP 86C7B1D8
.text aui70y7t.SYS 93F9B000 12 Bytes CALL 7AE83327
.text aui70y7t.SYS 93F9B00D 9 Bytes [C7, 22, 83, 48, EB, 22, 83, ...]
.text aui70y7t.SYS 93F9B017 20 Bytes [00, DE, B7, F8, 8B, E6, B5, ...]
.text aui70y7t.SYS 93F9B02C 149 Bytes [00, 00, 00, 00, D0, 71, E5, ...]
.text aui70y7t.SYS 93F9B0C3 8 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text ...
.text peauth.sys A882BC9D 28 Bytes [5E, 00, AE, 55, A1, 57, 40, ...]
.text peauth.sys A882BCC1 28 Bytes [5E, 00, AE, 55, A1, 57, 40, ...]
PAGE peauth.sys A8831E20 101 Bytes [66, A1, 19, 11, 82, 36, E8, ...]
PAGE peauth.sys A883202C 102 Bytes [01, F9, 99, 6C, 4E, C1, 7E, ...]
.text D:\Programme\CyberLink\PowerDVD\000.fcl section is writeable [0xA88F8000, 0x2892, 0xE8000020]
.vmp2 D:\Programme\CyberLink\PowerDVD\000.fcl entry point in ".vmp2" section [0xA891B050]
? \Programme\D-Tools\Engine.dll Das System kann den angegebenen Pfad nicht finden. !
---- User code sections - GMER 1.0.15 ----
.text D:\Programme\Mozilla Firefox\plugin-container.exe[1092] USER32.dll!TrackPopupMenu 77234B3B 5 Bytes JMP 6432098F D:\Programme\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text D:\Programme\Mozilla Firefox\firefox.exe[2776] ntdll.dll!NtProtectVirtualMemory 77715380 5 Bytes JMP 0019000A
.text D:\Programme\Mozilla Firefox\firefox.exe[2776] ntdll.dll!NtWriteVirtualMemory 77715F00 5 Bytes JMP 001A000A
.text D:\Programme\Mozilla Firefox\firefox.exe[2776] ntdll.dll!KiUserExceptionDispatcher 77716448 5 Bytes JMP 0016000A
.text D:\Programme\Mozilla Firefox\firefox.exe[2776] ntdll.dll!LdrLoadDll 7772F625 5 Bytes JMP 012013F0 D:\Programme\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Windows\explorer.exe[4616] ntdll.dll!NtProtectVirtualMemory 77715380 5 Bytes JMP 001F000A
.text C:\Windows\explorer.exe[4616] ntdll.dll!NtWriteVirtualMemory 77715F00 5 Bytes JMP 0020000A
.text C:\Windows\explorer.exe[4616] ntdll.dll!KiUserExceptionDispatcher 77716448 5 Bytes JMP 001A000A
.text C:\Windows\system32\svchost.exe[5752] ntdll.dll!NtProtectVirtualMemory 77715380 5 Bytes JMP 0038000A
.text C:\Windows\system32\svchost.exe[5752] ntdll.dll!NtWriteVirtualMemory 77715F00 5 Bytes JMP 0039000A
.text C:\Windows\system32\svchost.exe[5752] ntdll.dll!KiUserExceptionDispatcher 77716448 5 Bytes JMP 0037000A
.text C:\Windows\system32\svchost.exe[5752] ole32.dll!CoCreateInstance 773257FC 5 Bytes JMP 008F000A
.text C:\Windows\system32\svchost.exe[5752] USER32.dll!GetCursorPos 7720C198 5 Bytes JMP 00A5000A
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8BE8F042] \SystemRoot\System32\Drivers\spoz.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8BE8F6D6] \SystemRoot\System32\Drivers\spoz.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8BE8F800] \SystemRoot\System32\Drivers\spoz.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8BE8F13E] \SystemRoot\System32\Drivers\spoz.sys
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortNotification] 00147880
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortQuerySystemTime] 78800C75
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortReadPortUchar] 06750015
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortStallExecution] C25DC033
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortWritePortUchar] 458B0008
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortWritePortUlong] 6A006A08
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 50056A24
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 005AB7E8
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortGetScatterGatherList] 0001B800
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortGetParentBusType] C25D0000
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortRequestCallback] CCCC0008
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortWritePortBufferUshort] CCCCCCCC
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortGetUnCachedExtension] CCCCCCCC
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortCompleteRequest] CCCCCCCC
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortCopyMemory] 53EC8B55
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortEtwTraceLog] 800C5D8B
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 7500117B
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 127B806A
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 80647500
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 7500137B
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortInitialize] 157B805E
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortGetDeviceBase] 56587500
IAT \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortDeviceStateChange] 8008758B
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 859491F8
Device \Driver\usbohci \Device\USBPDO-0 86C7C1F8
Device \Driver\usbehci \Device\USBPDO-1 86A871F8
Device \Driver\usbohci \Device\USBPDO-2 86C7C1F8
Device \Driver\usbehci \Device\USBPDO-3 86A871F8
Device \Driver\sptd \Device\257802016 spoz.sys
Device \Driver\volmgr \Device\HarddiskVolume1 859451F8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume2 859451F8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\cdrom \Device\CdRom0 86AAA500
Device \Driver\volmgr \Device\HarddiskVolume3 859451F8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort0 859471F8
Device \Driver\atapi \Device\Ide\IdePort1 859471F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-2 859471F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{AC144823-F474-49DE-991A-FB2148ECCBA1} 86BC41F8
Device \Driver\volmgr \Device\HarddiskVolume4 859451F8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume5 859451F8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume6 859451F8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\PCI_PNP8016 \Device\00000069 spoz.sys
Device \Driver\volmgr \Device\HarddiskVolume7 859451F8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBt_Wins_Export 86BC41F8
Device \Driver\volmgr \Device\HarddiskVolume8 859451F8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume8 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume9 859451F8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume9 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{E7E4CB07-0008-45AC-A96C-15E6D252AFE5} 86BC41F8
Device \Driver\ACPI_HAL \Device\0000005f halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-0 86C7C1F8
Device \Driver\usbehci \Device\USBFDO-1 86A871F8
Device \Driver\usbohci \Device\USBFDO-2 86C7C1F8
Device \Driver\usbehci \Device\USBFDO-3 86A871F8
Device \Driver\volmgr \Device\HarddiskVolume10 859451F8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume10 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
Device \Driver\aui70y7t \Device\Scsi\aui70y7t1 86E443A8
Device -> \Driver\atapi \Device\Harddisk0\DR0 86B54EC5
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 D:\Programme\D-Tools\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x2F 0xC8 0xB4 0x22 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x1A 0xE8 0x5E 0x96 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x71 0x50 0x01 0xB1 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 D:\Programme\D-Tools\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x2F 0xC8 0xB4 0x22 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x1A 0xE8 0x5E 0x96 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x71 0x50 0x01 0xB1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version
Reg HKLM\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version@Version 0xC4 0x50 0x5E 0x1D ...
---- Files - GMER 1.0.15 ----
File C:\Windows\system32\drivers\atapi.sys suspicious modification
---- EOF - GMER 1.0.15 ----
|
|
14.09.2010, 19:23
| #6 |
| /// Helfer-Team | Windows Update und Windows Gadgets durch Virus blockiert - Punkt 3. fehlt noch:-> http://www.trojaner-board.de/90678-w...tml#post567361 ausserdem: ** Update Malwarebytes Anti-Malware, lass es nochmal anhand der folgenden Anleitung laufen:
|
|
14.09.2010, 21:38
| #7 |
| | Windows Update und Windows Gadgets durch Virus blockiert hey, ich habe den suchslauf von mbam nun auf C und D komplett laufen lassen, F bis H ist bei mir nur ablagefläche, wo nur spiele, mp3 und tools drauf sind. Hoffe das reicht dir soweit DANKE NOCHMAL dass du soviel mühe machst !! hier noch Punkt 3 im anhang (lässt sich leider nicht in code schreiben und auch nicht als txt anhängen..bringt mir dann immer "seite kann nicht angezeigt werden" =/ musste es zippen) |
|
14.09.2010, 22:45
| #8 |
| | Windows Update und Windows Gadgets durch Virus blockiertCode:
ATTFilter Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4613
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
14.09.2010 23:43:28
mbam-log-2010-09-14 (23-43-28).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 415445
Laufzeit: 1 Stunde(n), 9 Minute(n), 13 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
|
|
15.09.2010, 20:34
| #9 |
| /// Helfer-Team | Windows Update und Windows Gadgets durch Virus blockiert 1. starte HijackThis--> wähle Open the Misc Tools section --> dann Delete a file on reboot... --> wähle die zu löschende Datei (sehe der Inhalt dieser Code-Box), die Frage zum Neustart mit NEIN beantworten, wieder Delete a file on reboot wählen, nächste Datei auswählen usw., bis Du die letzte Datei ausgewählt hast, nun antwortest du auf die Frage zum Neustart mit JA >> Text kopieren und einfügen (oder "Durchsuchen"):: Code:
ATTFilter C:\Windows\system32\ssprs.tgz
C:\Windows\system32\ssprs.dll
C:\Windows\system32\lsprst7.tgz
C:\Windows\system32\lsprst7.dll
einige unnötig, andere schädlich deswegen... - unter Start->Programme-> Zubehör-> Systemprogramme-> geplante Tasks (Anleitung-> Ändern geplanter Tasks in Windows XP und dort auch einfach löschen: Code:
ATTFilter C:\Windows\Tasks\{0573519D-DF95-4934-9530-B23267EACD99}.job
C:\Windows\Tasks\PDVDServ.EXE_20100218_205409_0682.job
C:\Windows\Tasks\brs.exe_20100218_205404_0673.job
C:\Windows\Tasks\PDVDServ.EXE_20100218_183235_0816.job
C:\Windows\Tasks\brs.exe_20100218_183231_0539.job
C:\Windows\Tasks\{12739128-407D-4DB8-80B3-577F199F1572}.job
C:\Windows\Tasks\{D8514EF7-1317-480C-A975-389FDA41E8A8}.job
C:\Windows\Tasks\{6FC708E8-D1A8-4975-864D-F5194212C43A}.job
C:\Windows\Tasks\{5438C122-0EC3-4ECF-B357-4D3F4CA1A8BB}.job
→ besuche die Seite von virustotal und die Datei/en aus Codebox bitte prüfen lassen - inklusive Dateigröße und Name, MD5 und SHA1 auch mitkopieren: → Tipps für die Suche nach Dateien Code:
ATTFilter C:\Windows\system32\drivers\atapi.sys
→ Suche die Datei auf deinem Rechner→ Doppelklick auf die zu prüfende Datei (oder kopiere den Inhalt ab aus der Codebox) → "Senden der Datei" und Warte, bis der Scandurchlauf aller Virenscanner beendet ist → das Ergebnis wie Du es bekommst (NICHT AUSLASSEN!) da reinkoperen (inklusive <geprüfter Dateiname> + Dateigröße und Name, MD5 und SHA1) ** Beispiel - das zu postende Logfile von Virustotal soll so wie hier aussehen Also nicht auslassen, sondern wie Du es bekommst da reinkopieren!: Code:
ATTFilter Datei <hier kommt die Dateiname> empfangen 2009.xx.xx xx:xx:xx (CET)
Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.0.0.73 2009.01.28 -
AhnLab-V3 5.0.0.2 2009.01.28 -
AntiVir 7.9.0.60 2009.01.28 -
Authentium 5.1.0.4 2009.01.27 -
...über 40 Virenscannern...also Geduld!!
|
|
16.09.2010, 13:51
| #10 |
| | Windows Update und Windows Gadgets durch Virus blockiert alle dateien, die du beschrieben hast entfernt hier das virustotal log : Code:
ATTFilter File name:
atapi.sys
Submission date:
2010-09-16 12:38:31 (UTC)
Current status:
queued (#1) queued (#1) analysing finished
Result:
1/ 41 (2.4%)
VT Community
not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2010.09.16.01 2010.09.16 -
AntiVir 8.2.4.52 2010.09.16 -
Antiy-AVL 2.0.3.7 2010.09.16 -
Authentium 5.2.0.5 2010.09.16 -
Avast 4.8.1351.0 2010.09.16 -
Avast5 5.0.594.0 2010.09.16 -
AVG 9.0.0.851 2010.09.16 -
BitDefender 7.2 2010.09.16 -
CAT-QuickHeal 11.00 2010.09.16 -
ClamAV 0.96.2.0-git 2010.09.16 -
Comodo 6097 2010.09.16 -
DrWeb 5.0.2.03300 2010.09.16 -
Emsisoft 5.0.0.37 2010.09.16 -
eSafe 7.0.17.0 2010.09.15 Win32.TrojanHorse
eTrust-Vet 36.1.7859 2010.09.16 -
F-Prot 4.6.1.107 2010.09.16 -
F-Secure 9.0.15370.0 2010.09.16 -
Fortinet 4.1.143.0 2010.09.16 -
GData 21 2010.09.16 -
Ikarus T3.1.1.88.0 2010.09.16 -
Jiangmin 13.0.900 2010.09.16 -
K7AntiVirus 9.63.2522 2010.09.15 -
Kaspersky 7.0.0.125 2010.09.16 -
McAfee 5.400.0.1158 2010.09.16 -
McAfee-GW-Edition 2010.1C 2010.09.16 -
NOD32 5454 2010.09.16 -
nProtect 2010-09-16.02 2010.09.16 -
Panda 10.0.2.7 2010.09.16 -
PCTools 7.0.3.5 2010.09.16 -
Prevx 3.0 2010.09.16 -
Rising 22.65.03.04 2010.09.16 -
Sophos 4.57.0 2010.09.16 -
Sunbelt 6882 2010.09.16 -
SUPERAntiSpyware 4.40.0.1006 2010.09.16 -
Symantec 20101.1.1.7 2010.09.16 -
TheHacker 6.7.0.0.020 2010.09.16 -
TrendMicro 9.120.0.1004 2010.09.16 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.16 -
VBA32 3.12.14.0 2010.09.16 -
ViRobot 2010.8.25.4006 2010.09.16 -
VirusBuster 12.65.8.0 2010.09.15 -
Additional information
Show all
MD5 : 338c86357871c167a96ab976519bf59e
SHA1 : e99e20970139fb1e67bbc54fa8a61c18a4fce36e
SHA256: f28cc534523d1701b0552f5d7e18e88369c4218bdb1f69110c3e31d395884ad6
|
|
17.09.2010, 07:45
| #11 | |
| /// Helfer-Team | Windows Update und Windows Gadgets durch Virus blockiert Falls das Problem weiterhin besteht: - Wenn du einen sauberen Systempunkt hast, wähle ihn aus, das erspart Dir die langwierigen Reinigungsmethoden, ist zumindest einen Versuch wert!: Zitat:
► - auch, ob die SWH funktioniert hat, bzw ob Du das System auf einen früheren Wiederherstellungspunkt zurückstellen können? (Kannst noch immer bis zum heutigen Zeitpunkt rückgängig machen, falls liefert nicht das gewünschte Ergebnis) ► Da die SWH nur ein Notlösung ist und/oder die Systemwiederherstellung ist nicht durchführbar, Rückmeldung erwünscht |
|
17.09.2010, 12:49
| #12 |
| | Windows Update und Windows Gadgets durch Virus blockiert systemwiederhestellung durchgeführt.. windwos gadgets funktionieren wieder... allerdings macht das windows update immernoch den fehlercode 80072EFD =( |
|
19.09.2010, 07:50
| #13 |
| /// Helfer-Team | Windows Update und Windows Gadgets durch Virus blockiert zunächst die Schritte 1-4 erneut bitte abarbeiten:-> http://www.trojaner-board.de/90678-w...tml#post567361 |
|
19.09.2010, 17:21
| #14 |
| | Windows Update und Windows Gadgets durch Virus blockiert [CODE] RSIT Logfile: Code:
ATTFilter Logfile of random's system information tool 1.08 (written by random/random) Run by xxx at 2010-09-19 18:16:18 Microsoft Windows 7 Home Premium System drive C: has 100 GB (66%) free of 150 GB Total RAM: 3327 MB (62% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:16:29, on 19.09.2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE D:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\Ctxfihlp.exe D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe D:\Programme\RocketDock\RocketDock.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Programme\Logitech\SetPoint\SetPoint.exe F:\Logitech\G15\NM Monitor\nmmonitor.exe D:\Programme\RivaTuner\RivaTuner.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe C:\Windows\SYSTEM32\CTXFISPI.EXE C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GPUMonitor.exe D:\Programme\Microsoft Office\Office12\OUTLOOK.EXE D:\Programme\Mozilla Firefox\firefox.exe C:\Users\Marko\Desktop\Help\RSIT.exe C:\Program Files\trend micro\Marko.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Programme\Real\rpbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O4 - HKLM\..\Run: [avgnt] "D:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [RivaTuner] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /T O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /S O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKCU\..\Run: [RocketDock] "D:\Programme\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user') O4 - Startup: nmmonitor.exe - Verknüpfung.lnk = F:\Logitech\G15\NM Monitor\nmmonitor.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Marko\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Programme\Hamachi\hamachi-2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: MBAMService - Malwarebytes Corporation - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- End of file - 13741 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Automatische Wartung.job C:\Windows\tasks\SidebarExecute.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}] ContributeBHO Class - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - D:\Programme\Real\rpbrowserrecordplugin.dll [2009-12-03 329312] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - D:\Programme\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640] {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avgnt"=D:\Programme\Avira\AntiVir Desktop\avgnt.exe [2010-03-26 282792] "RivaTuner"=D:\Programme\RivaTuner\RivaTunerWrapper.exe [2009-08-22 24576] "RivaTunerStartupDaemon"=D:\Programme\RivaTuner\RivaTunerWrapper.exe [2009-08-22 24576] ""= [] "Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 55824] "CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2010-05-05 25600] "Malwarebytes' Anti-Malware"=D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584] "IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-09-28 140640] "Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2010-08-03 358472] "Launch LCDMon"=C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2010-08-03 1809992] "Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2010-08-03 3649096] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RocketDock"=D:\Programme\RocketDock\RocketDock.exe [2007-09-02 495616] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] D:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-06-19 640440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher] D:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2010-06-19 38840] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-12-14 611712] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE [2008-08-15 378224] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-09-04 75048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer] D:\Programme\CyberLink\Power2Go\CLMLSvc.exe [2008-07-18 104936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] D:\Programme\D-Tools\DTLite.exe [2009-10-30 369200] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core] E:\Spiele\Electronic Arts\EADM\Core.exe -silent [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] D:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] D:\Programme\ICQ7.2\ICQ.exe [2010-06-28 133368] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -minimize [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] D:\Programme\iTunes\iTunesHelper.exe [2010-09-01 421160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] D:\Programme\CyberLink\PowerDVD\Language\Language.exe [2009-04-16 62760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU] C:\Program Files\lg_fwupdate\fwupdate.exe [2010-02-18 557056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] C:\Program Files\Logitech\Webcam\Logitech WebCam Software\LWS.exe /hide [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] D:\Programme\Hamachi\hamachi-2-ui.exe [2010-03-30 1820040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NM Monitor] F:\Logitech\G15\NM Monitor\nmmonitor.exe [2010-04-26 1810432] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] D:\Programme\CyberLink\PowerDVD\PDVDServ.exe [2009-04-16 87336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-12-03 198160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] D:\Programme\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-02-21 222504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] D:\Programme\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-09-24 210216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut] D:\Programme\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-06-13 210216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut] D:\Programme\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [2008-10-20 210216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk] C:\PROGRA~1\Logitech\Webcam\LOGITE~1\eReg.exe /remind /language=DEU /_WFM=. [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk] D:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Logitech SetPoint.lnk - C:\Programme\Logitech\SetPoint\SetPoint.exe C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup nmmonitor.exe - Verknüpfung.lnk - F:\Logitech\G15\NM Monitor\nmmonitor.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2009-07-20 72208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoRecentDocsNetHood"=1 "NoDrives"=0x00000000 "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-09-17 14:18:30 ----A---- C:\Windows\system32\spoolsv.exe 2010-09-16 16:17:32 ----D---- C:\ProgramData\Sun 2010-09-16 16:17:31 ----D---- C:\Program Files\Common Files\Java 2010-09-16 16:17:26 ----A---- C:\Windows\system32\javaws.exe 2010-09-16 16:17:26 ----A---- C:\Windows\system32\javaw.exe 2010-09-16 16:17:26 ----A---- C:\Windows\system32\java.exe 2010-09-16 16:17:26 ----A---- C:\Windows\system32\deployJava1.dll 2010-09-16 16:16:07 ----D---- C:\Program Files\QuickTime 2010-09-14 16:41:07 ----D---- C:\Program Files\trend micro 2010-09-14 16:41:05 ----D---- C:\rsit 2010-09-12 13:44:52 ----D---- C:\Program Files\iPod 2010-09-12 13:42:39 ----D---- C:\Program Files\Apple Software Update 2010-09-12 13:41:54 ----D---- C:\Program Files\Bonjour 2010-09-12 13:13:01 ----A---- C:\Windows\system32\CNMXLMA5.DLL 2010-09-12 10:31:34 ----A---- C:\Windows\system32\o4Patch.exe 2010-09-11 18:56:47 ----D---- C:\Users\Marko\AppData\Roaming\citidcgjg 2010-09-10 16:30:38 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-09-10 16:30:38 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-09-10 00:04:54 ----D---- C:\Program Files\Avira 2010-09-09 22:01:07 ----D---- C:\Users\Marko\AppData\Roaming\vnckrnaux 2010-09-09 22:00:37 ----D---- C:\Users\Marko\AppData\Roaming\E7270447A11B5D97670355A83EA350FD 2010-09-05 18:01:02 ----D---- C:\Users\Marko\AppData\Roaming\Canon 2010-09-05 17:42:10 ----A---- C:\Windows\system32\SETC52D.tmp 2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNHMCA.dll 2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340U.dll 2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340L.dll 2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340I.dll 2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340C.dll 2010-09-05 17:38:49 ----D---- C:\Program Files\Common Files\CANON 2010-09-05 17:37:25 ----HD---- C:\ProgramData\CanonBJ 2010-09-05 17:37:18 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information 2010-09-05 17:37:05 ----A---- C:\Windows\system32\CNMLMA5.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkUS.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTW.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTR.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTH.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkSE.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkRU.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkPT.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkPL.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkNO.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkNL.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkKR.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkJP.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkIT.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkID.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkHU.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkGR.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkFR.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkFI.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkES.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkDK.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkDE.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkCZ.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkCN.DLL 2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkAR.DLL 2010-09-05 17:36:59 ----A---- C:\Windows\system32\CNCFMSk.EXE 2010-09-05 17:36:59 ----A---- C:\Windows\system32\CNCF2Lk.DLL 2010-09-05 17:36:51 ----A---- C:\Windows\system32\CNMIUA5.DLL 2010-09-05 17:36:40 ----HD---- C:\Program Files\CanonBJ 2010-09-05 17:36:31 ----D---- C:\Windows\system32\STRING 2010-09-05 17:36:31 ----A---- C:\Windows\system32\CNMNPUI.DLL 2010-09-05 17:36:31 ----A---- C:\Windows\system32\CNMNPPM.DLL 2010-09-05 17:36:30 ----D---- C:\Windows\system32\CHM 2010-09-05 17:34:41 ----D---- C:\Program Files\Canon 2010-08-30 23:12:10 ----N---- C:\Windows\system32\oleaut32.dll 2010-08-30 23:12:10 ----A---- C:\Windows\system32\oleaut32(815).dll 2010-08-30 19:08:13 ----D---- C:\Users\Marko\AppData\Roaming\NVIDIA 2010-08-30 19:07:46 ----A---- C:\Windows\system32\XAudio2_7.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\xactengine3_7.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\D3DX9_43.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dx11_43.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dx10_43.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dcsx_43.dll 2010-08-30 19:07:46 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2010-08-30 19:07:45 ----A---- C:\Windows\system32\XAudio2_6.dll 2010-08-30 19:07:45 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2010-08-30 19:07:45 ----A---- C:\Windows\system32\xactengine3_6.dll 2010-08-30 19:07:45 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2010-08-29 19:58:01 ----RA---- C:\Windows\system32\AdobePDFUI.dll ======List of files/folders modified in the last 1 months====== 2010-09-19 18:16:28 ----D---- C:\Windows\Temp 2010-09-19 18:09:19 ----D---- C:\ProgramData\NVIDIA 2010-09-19 18:09:14 ----D---- C:\Windows\system32\logishrd 2010-09-17 14:31:47 ----D---- C:\Windows\winsxs 2010-09-17 14:31:33 ----D---- C:\Windows\system32\config 2010-09-17 14:30:23 ----D---- C:\Windows\System32 2010-09-17 14:18:43 ----D---- C:\Windows 2010-09-17 14:18:33 ----D---- C:\Windows\system32\catroot 2010-09-17 14:18:26 ----SHD---- C:\System Volume Information 2010-09-17 14:17:32 ----D---- C:\Windows\SoftwareDistribution 2010-09-17 14:05:31 ----SHD---- C:\Windows\Installer 2010-09-17 14:05:11 ----SHD---- C:\Config.Msi 2010-09-17 14:00:29 ----D---- C:\Windows\system32\drivers 2010-09-17 13:46:34 ----D---- C:\Users 2010-09-17 12:15:01 ----D---- C:\Users\Marko\AppData\Roaming\ICQ 2010-09-16 21:18:45 ----A---- C:\Windows\ULead32.ini 2010-09-16 17:12:29 ----D---- C:\Users\Marko\AppData\Roaming\Skype 2010-09-16 16:22:31 ----D---- C:\Users\Marko\AppData\Roaming\skypePM 2010-09-16 16:17:32 ----D---- C:\ProgramData 2010-09-16 16:17:31 ----D---- C:\Program Files\Common Files 2010-09-16 16:16:07 ----D---- C:\Program Files 2010-09-16 14:37:16 ----D---- C:\Windows\Tasks 2010-09-16 14:24:25 ----D---- C:\Windows\system32\catroot2 2010-09-15 08:38:28 ----D---- C:\Windows\registration 2010-09-13 23:49:15 ----D---- C:\Windows\AppPatch 2010-09-13 23:46:58 ----D---- C:\Windows\system32\LogFiles 2010-09-12 13:58:59 ----D---- C:\Boot 2010-09-12 13:44:52 ----D---- C:\Program Files\Common Files\Apple 2010-09-12 13:42:33 ----D---- C:\Windows\inf 2010-09-12 13:42:17 ----D---- C:\Windows\system32\DriverStore 2010-09-12 13:29:53 ----D---- C:\Windows\Minidump 2010-09-12 13:15:45 ----D---- C:\ProgramData\Logitech 2010-09-12 13:12:32 ----D---- C:\Windows\twain_32 2010-09-12 13:07:26 ----D---- C:\Users\Marko\AppData\Roaming\Taypy 2010-09-12 13:04:15 ----D---- C:\Windows\system32\wbem 2010-09-12 13:03:11 ----D---- C:\Windows\system32\wfp 2010-09-12 13:03:10 ----D---- C:\Windows\system32\Tasks 2010-09-12 13:03:06 ----D---- C:\Windows\system32\CodeIntegrity 2010-09-12 13:03:05 ----D---- C:\Windows\Media 2010-09-12 13:03:05 ----D---- C:\Windows\Downloaded Program Files 2010-09-12 13:03:05 ----D---- C:\Users\Marko\AppData\Roaming\Winamp 2010-09-12 13:03:05 ----D---- C:\Users\Marko\AppData\Roaming\Kaam 2010-09-12 13:03:00 ----D---- C:\ProgramData\DivX 2010-09-12 13:03:00 ----D---- C:\ProgramData\Apple Computer 2010-09-12 13:02:58 ----D---- C:\Program Files\Microsoft Silverlight 2010-09-12 13:02:57 ----D---- C:\Program Files\DVDVideoSoft 2010-09-12 13:02:57 ----D---- C:\Program Files\DivX 2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\PX Storage Engine 2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\Logishrd 2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\DVDVideoSoft 2010-09-12 13:02:55 ----D---- C:\NVIDIA 2010-09-12 13:01:41 ----D---- C:\Users\Marko\AppData\Roaming\Adobe 2010-09-12 13:01:34 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-09-10 18:39:46 ----D---- C:\Windows\Sun 2010-09-10 17:46:07 ----D---- C:\Windows\debug 2010-09-04 13:07:28 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-09-02 17:10:49 ----D---- C:\ProgramData\Adobe 2010-08-30 19:07:59 ----D---- C:\Program Files\NVIDIA Corporation 2010-08-30 19:07:37 ----D---- C:\Windows\assembly 2010-08-26 14:40:34 ----A---- C:\Windows\system32\authuitu(812).dll 2010-08-26 14:40:24 ----A---- C:\Windows\system32\uxtuneup(813).dll 2010-08-25 18:16:50 ----A---- C:\Windows\SurCode.INI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 CLBStor;CyberLink InstantBurn UDF Reader Help Driver; C:\Windows\system32\drivers\CLBStor.sys [2008-10-20 10368] R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-02-06 44608] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-03 691696] R1 avgio;avgio; \??\D:\Programme\Avira\AntiVir Desktop\avgio.sys [2009-12-03 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-26 124784] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160] R1 hwinterface;hwinterface; C:\Windows\System32\Drivers\hwinterface.sys [2009-12-03 2996] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-12-03 28520] R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-12-14 73312] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-03-26 60936] R2 CLBUDFR;CyberLink UDF Filesystem; C:\Windows\system32\drivers\CLBUDFR.sys [2008-10-20 154368] R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] R2 vcs;vcs; \??\D:\Programme\AV VCS 3.0 Gold\vcs.sys [2003-04-30 6852] R3 CMISTOR;CMIUCR.SYS CM320/CM220 Card Reader Driver; C:\Windows\system32\DRIVERS\cmiucr.SYS [2007-09-10 95616] R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2010-05-05 171096] R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-05-05 511064] R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-05-05 526296] R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2010-05-05 1324120] R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2010-05-05 72792] R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-05-05 14424] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-05-05 158808] R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760] R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984] R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-05-05 95832] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2010-05-05 1178200] R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-23 14856] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392] R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2010-05-07 25824] R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2010-05-15 276448] R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [2005-01-31 22016] R3 LVUVC;Logitech Webcam Pro 9000(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-04-29 20952] R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-07-30 287392] R3 nvoclock;NVIDIA Enthusiasts Platform KDM; C:\Windows\system32\DRIVERS\nvoclock.sys [2009-09-15 38248] R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-24 15872] R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-05-05 130136] R3 RivaTuner32;RivaTuner32; \??\D:\Programme\RivaTuner\RivaTuner32.sys [2009-08-22 9088] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312] S3 AODDriver;AODDriver; \??\C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [2009-02-23 7168] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888] S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2010-05-05 171096] S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2010-05-05 347144] S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2010-05-05 1324120] S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2010-05-05 72792] S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664] S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2010-01-09 17488] S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-03-06 17488] S3 GVTDrv;GVTDrv; \??\C:\Windows\system32\Drivers\GVTDrv.sys [2010-03-06 24944] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-11-03 2790048] S3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-09-08 1063712] S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712] S3 SANDRA;SANDRA; \??\D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\Sandra.sys [2009-08-08 23112] S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984] S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840] S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirMailService;Avira AntiVir MailGuard; D:\Programme\Avira\AntiVir Desktop\avmailc.exe [2010-04-19 337064] R2 AntiVirSchedulerService;Avira AntiVir Planer; D:\Programme\Avira\AntiVir Desktop\sched.exe [2010-03-26 135336] R2 AntiVirService;Avira AntiVir Guard; D:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-04-19 267432] R2 AntiVirWebService;Avira AntiVir WebGuard; D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [2010-04-19 405672] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672] R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376] R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200] R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-08-10 387616] R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Programme\Hamachi\hamachi-2.exe [2010-03-30 1107336] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728] R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648] R2 MBAMService;MBAMService; D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208] R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 178720] R2 nTuneService;Performance Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2010-03-22 191080] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-08-11 66872] R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-08-11 107832] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-26 1051968] R2 UpdateCenterService;Update Center Service; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2009-11-06 195176] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-12-14 288112] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-02-18 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-12-03 79360] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-06 655624] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2009-07-20 121360] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 SandraAgentSrv;SiSoftware Deployment Agent Service; D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe [2009-08-24 93336] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-11-15 320760] S3 TuneUp.Defrag;@D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-09-11 435008] -----------------EOF----------------- Code:
ATTFilter 3DMark06 Futuremark 04.12.2009 1.0.2
7-Zip 4.62
Acrobat.com Adobe Systems Incorporated 1.2.443
Adobe AIR Adobe Systems Inc. 1.5.3.9130
Adobe Creative Suite 4 Master Collection Adobe Systems Incorporated 4.0
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 10.1.53.64
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 10.1.82.76
Adobe Media Player Adobe Systems Incorporated 1.1
Adobe Reader 9 - Deutsch Adobe Systems Incorporated 03.12.2009 9.0.0
Age of Empires III Microsoft Game Studios 20.12.2009 1.00.0000
Apple Application Support Apple Inc. 12.09.2010 1.3.2
Apple Mobile Device Support Apple Inc. 12.09.2010 3.2.0.47
Apple Software Update Apple Inc. 12.09.2010 2.1.2.120
Avira AntiVir Premium Avira GmbH 10.0.0.603
Battlefield 2(TM) 11.12.2009
Bonjour Apple Inc. 12.09.2010 2.0.3.0
C-Media USB2.0 Card Reader
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon Kurzwahlprogramm
Canon MP Navigator EX 3.1
Canon MX340 series Benutzerregistrierung
Canon MX340 series MP Drivers
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
CCleaner Piriform 2.34
Command & Conquer 3 Ihr Firmenname 27.12.2009 1.00.0000
Command & Conquer™ 3: Kanes Rache Ihr Firmenname 27.12.2009 1.00.0000
Command & Conquer™ 4 Tiberian Twilight Electronic Arts 03.08.2010 1.0.0.0
Counter-Strike 1.6 1.00.0000
Creative ALchemy Creative Technology Limited 1.41
Creative Audio-Systemsteuerung Creative Technology Limited 2.00
Creative Konsole Starter Creative Technology Limited
Creative Software AutoUpdate Creative Technology Limited 1.40
Crysis WARHEAD(R) Electronic Arts
Crysis WARHEAD(R) Patch Electronic Arts
Crysis(R) Electronic Arts 02.01.2010 1.21.0000
CyberLink BD Advisor 2.0
CyberLink Blu-ray Disc Suite CyberLink Corp. 18.02.2010 6.0.2201
CyberLink LabelPrint CyberLink Corp. 2.0.3301
CyberLink MediaShow CyberLink Corp. 18.02.2010 4.1.2124
CyberLink Power2Go CyberLink Corp. 18.02.2010 6.0.2221
CyberLink PowerDVD CyberLink Corp. 7.3.5711.1
CyberLink PowerProducer CyberLink Corp. 18.02.2010 5.0819
CyberLink UDF Reader 5.0
DivX Converter DivX, Inc. 7.1.0
DivX Plus DirectShow Filters DivX, Inc.
DivX-Setup DivX, Inc. 2.0.4.2
Easy Tune 6 B09.1120.1 GIGABYTE 09.01.2010 1.00.0000
Eigenschaften von Creative Sound Blaster Creative Technology Limited 1.02
Facebook Plug-In Facebook, Inc.
Far Cry 2 Ubisoft 11.08.2010 1.03.00
Fraps (remove only)
Free Audio CD Burner version 1.4 DVDVideoSoft Limited. 03.08.2010
Free YouTube to MP3 Converter version 3.7 DVDVideoSoft Limited. 03.08.2010
Grand Theft Auto IV Rockstar Games 11.12.2009 1.00.0000
Großer ADAC ReisePlaner 2008/2009 04.12.2009
ICQ 7.2 Build #3129 Banner Remover 1.0 murb.com 28.06.2010
ICQ7.2 ICQ 28.06.2010 7.2
iPhone Explorer Marx Softwareentwicklung (Germany) 31.01.2010 0.9.0
iTunes Apple Inc. 12.09.2010 10.0.0.68
James Cameron's AVATAR(tm): DAS SPIEL Ubisoft 27.01.2010 1.02.00
Java(TM) 6 Update 21 Sun Microsystems, Inc. 03.12.2009 6.0.210
LexiROM 2.0
LG Tool Kit 9.01.1124.01
LightScribe System Software LightScribe 18.02.2010 1.18.8.1
Logitech GamePanel Software 3.06.109 Logitech Inc. 12.09.2010 3.06.109
Logitech SetPoint Logitech 04.01.2010 4.80
Logitech Webcam Software Logitech Inc. 2.0
Logitech Webcam Software-Treiberpaket Logitech Inc. 12.10.1110
LogMeIn Hamachi LogMeIn, Inc. 2.0.2.85
Malwarebytes' Anti-Malware Malwarebytes Corporation 12.09.2010
Microsoft .NET Compact Framework 2.0 SP1 Microsoft Corporation 09.04.2010 2.0.6129
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 4.0.30319
Microsoft Games for Windows - LIVE Microsoft Corporation 17.06.2010 3.3.24.0
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 17.06.2010 3.2.3.0
Microsoft Office Enterprise 2007 Microsoft Corporation 12.0.6425.1000
Microsoft Office Live Add-in 1.5 Microsoft Corporation 17.06.2010 2.0.4024.1
Microsoft Rechner-Plus Microsoft 03.12.2009 1.0.0
Microsoft Silverlight Microsoft Corporation 17.06.2010 4.0.50524.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 03.12.2009 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 18.02.2010 8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 03.12.2009 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 03.12.2009 9.0.30729
Mozilla Firefox (3.6.10) Mozilla 3.6.10 (de)
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 05.12.2009 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 05.12.2009 4.20.9876.0
Need For Speed SHIFT Electronic Arts 27.12.2009
Nero 9 Trial Nero AG 18.02.2010
NVIDIA Display Control Panel NVIDIA Corporation 6.14.12.5896
NVIDIA Drivers NVIDIA Corporation 1.10.62.40
NVIDIA ForceWare Network Access Manager NVIDIA Corporation 03.12.2009 1.00.7316
NVIDIA Performance NVIDIA Corporation 03.08.2010 6.5
NVIDIA PhysX NVIDIA Corporation 30.08.2010 9.10.0513
NVIDIA Stereoscopic 3D Driver NVIDIA Corporation 7.17.12.5896
NVIDIA System Monitor NVIDIA Corporation 03.08.2010 6.5
NVIDIA System Update NVIDIA Corporation 03.08.2010 3.00
OpenAL
oZone3D.Net FurMark v1.7.0 oZone3D.Net 06.12.2009
pdf24 PDF24.org 04.12.2009
PunkBuster Services Even Balance, Inc. 0.986
QuickTime Apple Inc. 16.09.2010 7.68.75.0
RealPlayer RealNetworks
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 08.12.2009 6.0.1.5973
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition Alexey Nicolaychuk v2.24 MSI Master Overclocking Arena 2009 edition
Rockstar Games Social Club Rockstar Games 11.12.2009 1.00.0000
SiSoftware Sandra Lite 2010 SiSoftware 09.12.2009 16.11.2010.1
Skype™ 4.2 Skype Technologies S.A. 24.07.2010 4.2.169
SUPER © Version 2009.bld.36 (June 10, 2009) eRightSoft Version 2009.bld.36 (June 10, 2009)
Tom Clancy's Splinter Cell Conviction Ubisoft 01.06.2010 1.04.000
TuneUp Utilities TuneUp Software 9.0.2010.9
Ubisoft Game Launcher UBISOFT 01.06.2010 1.0.0.0
Uninstall 1.0.0.1 03.08.2010
Virtual DJ - Atomix Productions
VLC media player 1.0.3 VideoLAN Team 1.0.3
WD Diagnostics Western Digital Technologies 04.08.2010 1.09.0002
Winamp Nullsoft, Inc 5.581
Winamp Erkennungs-Plug-in Nullsoft, Inc 20.07.2010 1.0.0.1
Windows Live Essentials Microsoft Corporation 14.0.8089.0726
Windows Live ID-Anmelde-Assistent Microsoft Corporation 17.06.2010 6.500.3165.0
Windows Live-Uploadtool Microsoft Corporation 03.12.2009 14.0.8014.1029
Windows Media Player Firefox Plugin Microsoft Corp 03.12.2009 1.0.0.8
WinRAR
WinZip 11.1 WinZip Computing, S.L. 03.12.2009 11.1.7466
|
|
20.09.2010, 06:38
| #15 |
| /// Helfer-Team | Windows Update und Windows Gadgets durch Virus blockiert hi 1. ** Update Malwarebytes Anti-Malware, lass es nochmal anhand der folgenden Anleitung laufen:
Achtung!: >>Du sollst die Programme nicht installieren, sondern dein System nur online scannen<< 2. → Den kompletten Rechner (also das ganze System) zu überprüfen (Systemprüfung ohne Säuberung) mit Kaspersky Online Scanner/klicke hier → um mit dem Vorgang fortzufahren klicke auf "Accept" → dann wähle "My computer" aus - Es dauert einige Zeit, bis ein Komplett-Scan durch gelaufen ist, also bitte um Geduld! Es kann einige Zeit dauern, bis der Scan abgeschlossen ist - je nach Größe der Festplatte eine oder mehrere Stunden - also Geduld... → Report angezeigt, klicke auf "Save as" - den bitte kopieren und in deinem Thread hier einfügen Vor dem Scan Einstellungen im Internet Explorer: → "Extras→ Internetoptionen→ Sicherheit": → alles auf Standardstufe stellen → Active X erlauben - damit die neue Virendefinitionen installiert werden können 3. Führe dann einen Komplett-Systemcheck mit Nod32 - die Scanergebnis als *.txt Dateien speichern) - (ESET Online Scanner (Sicherheitseinstellungen wie unter Punkt 1.) Speichere und Poste bitte das Logfile Du musst einen Haken bei "Remove found threads" und "Scan archives" setzen |
|
| Themen zu Windows Update und Windows Gadgets durch Virus blockiert |
| 32-bit, antivir, antivir guard, avira, bho, blockiert, bonjour, c:\windows\system32\rundll32.exe, cc cleaner, converter, desktop, fehlermeldung, firefox, hijack, hijackthis, hkus\s-1-5-18, home, hängen, internet explorer, launch, monitor, mozilla, performance, plug-in, rundll, senden, software, system, virus, windows |
Linear-Darstellung
