Trojaner an Board (Was ist qvyjea.exe bzw. qmadya.exe?)

Leonixx · 01.10.2010, 09:05

Erstmal das Betriebssystem auf den neuestem Stand bringen einschl. aller Sicherheitsupdates. Seit Jahren gibt es das Service Pack 3 für Windows XP sowie mindestens IE7. Bevor wir weitermachen, erstmal System aktualisieren, sonst ist es beim nächsten Onlinegehen schnell wieder verseucht.

Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

desra · 01.10.2010, 23:36

OK!

Habe ich gemacht.

...und dann?

Leonixx · 02.10.2010, 09:48

Nochmals Komplett Scan Malwarebytes.

desra · 03.10.2010, 11:40

OK.

Habe ich gemacht.

Hier die Ergebnisse:

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4733

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

03.10.2010 00:50:32
mbam-log-2010-10-03 (00-50-32).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 541438
Laufzeit: 6 Stunde(n), 39 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 4
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\20W6RLKX65 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ASH24SXZ9S (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SMH2B46TDP (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ash24sxz9s (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\bk (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\idln2 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\registrymonitor2 (Malware.Trace) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\WINDOWS\system32\drivers\str.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Ansonsten hatte Antivir gestern noch bei einigen Dateien mit TR/Dldr.WMA.Wimad.Z sowie TR/Dldr.Age.1171323 gefunden, welcher aber anscheinend gelöscht werden konnten...

Leonixx · 03.10.2010, 12:18

Möchte nochmals Logs von RSIT sehen.

desra · 03.10.2010, 18:50

[CODE]info.txtRSIT Logfile:

Code:

ATTFilter

logfile of random's system information tool 1.08 2010-10-03 19:54:34

======Uninstall list======

-->C:\Programme\FriendBot\FriendBot\uninstall.exe
-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}
Adobe After Effects CS4 Template Projects & Footage-->MsiExec.exe /I{F600CCF3-9C88-4A22-B0B4-DDA82E997118}
Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
Adobe AIR-->C:\Programme\Gemeinsame Dateien\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\061850775b1c6d22bf2a145678e05e0\Setup.exe
Adobe Creative Suite 3 Design Premium-->MsiExec.exe /I{4393DE35-AD67-4F37-95E4-30F06EA0FDB2}
Adobe Creative Suite 4 Production Premium-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\36ac9dc8c9a94feb9e5886810012e78\Setup.exe --uninstall=1
Adobe Creative Suite 4 Production Premium-->MsiExec.exe /I{70E3A868-C269-4E6D-B225-862AADF7D0AF}
Adobe Creative Suite 5 Master Collection-->C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}"
Adobe CS4 American English Speech Analysis Models-->MsiExec.exe /I{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}
Adobe CS4 French Speech Analysis Models-->MsiExec.exe /I{9AACCD0F-2734-4E8C-8C24-2702D4506E93}
Adobe CS4 German Speech Analysis Models-->MsiExec.exe /I{9A7C4EAC-6E38-42E3-85AA-408874A803DE}
Adobe CS4 International English Speech Analysis Models-->MsiExec.exe /I{4F213D2A-B942-4611-AEE5-49F9D42D0A2F}
Adobe CS4 Italian Speech Analysis Models-->MsiExec.exe /I{0B561CF4-0C7D-4745-AF53-161E24E44F87}
Adobe CS4 Japanese Speech Analysis Models-->MsiExec.exe /I{B35FDD04-48FD-4D3D-B0EB-088C5137CD42}
Adobe CS4 Korean Speech Analysis Models-->MsiExec.exe /I{48E9A4FB-17C6-4B14-BC9D-D83AF2A4059A}
Adobe CS4 Spanish Speech Analysis Models-->MsiExec.exe /I{1FD653A8-9CFA-4392-B89C-CCDB114DE442}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Dreamweaver CS3-->MsiExec.exe /I{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash CS3-->MsiExec.exe /I{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}
Adobe Flash CS4 Extension - Flash Lite STI others-->MsiExec.exe /I{47C6F987-685A-41AE-B092-E75B277AEE39}
Adobe Flash CS4 STI-other-->MsiExec.exe /I{BD3374D3-C2E6-42B7-A80B-E850B6886246}
Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}
Adobe Flash Video Encoder-->MsiExec.exe /I{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS-->RunDll32 "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Programme\InstallShield Installation Information\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}\setup.exe"
Adobe Illustrator CS3-->MsiExec.exe /I{C8D7A672-F697-4572-AC62-C856053A8DBC}
Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\8fbf74eb27c84640370f87306e8981b\Setup.exe
Adobe InDesign CS3-->MsiExec.exe /I{411E0CC3-587A-468C-B461-95FAFD05E4DE}
Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{2BAF2B96-7560-48B4-87D4-10178DDBE217}
Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}
Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}
Adobe InDesign CS4-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\1710d324011afc3e7658e969025f4ba\Setup.exe --uninstall=1
Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
Adobe Media Encoder CS4 Dolby-->MsiExec.exe /I{EE353798-E875-42E0-B58D-7E6696182EA8}
Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}
Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
Adobe OnLocation CS4-->MsiExec.exe /I{7406DF60-016D-476B-A2C7-55D997592047}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS3-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Photoshop CS3-->MsiExec.exe /I{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Premiere Pro CS4 Functional Content-->MsiExec.exe /I{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}
Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{C938BE91-3BB5-4B84-9EF6-88F0505D0038}
Adobe Premiere Pro CS4-->MsiExec.exe /I{D499F8DE-3F31-4900-9157-61061613704B}
Adobe Reader 9.3.4 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A93000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{5518E08A-2053-4A3E-85B2-F912D4666C9F}
Adobe Setup-->MsiExec.exe /I{AE585DDE-7230-4B57-926B-428C94AA5850}
Adobe Setup-->MsiExec.exe /I{CA1CA5F8-7500-45C5-9D4C-47D13FBC92D2}
Adobe Setup-->MsiExec.exe /I{CA842D69-22DB-456E-95C7-A5C92593C7C4}
Adobe Setup-->MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8}
Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D}
Adobe Soundbooth CS4-->MsiExec.exe /I{14F70205-1940-4000-88C7-BE799A6B2CAD}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe SVG Viewer 3.0-->C:\Programme\Gemeinsame Dateien\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Programme\Gemeinsame Dateien\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe Version Cue CS4 Server-->MsiExec.exe /I{1B7C06E1-4888-47A6-992A-0990B9683486}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Artisteer 2-->"C:\Programme\Artisteer 2\bin\Uninstall.exe"
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x7 
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BitTorrent-->C:\Programme\BitTorrent\uninst.exe
Burn4Free CD & DVD 4.9.0.0-->"C:\Programme\Burn4Free\unins000.exe"
Burn4Free CD and DVD-->"C:\Programme\Burn4Free\uninstall.exe"
Canon iP4200-->C:\WINDOWS\system32\CNMCP78.exe "-PRINTERNAMECanon iP4200" "-HELPERDLLC:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0407.dll"
Canon Utilities Easy-PhotoPrint-->C:\Programme\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
CD-LabelPrint-->"C:\Programme\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
ConvertHelper 2.2-->"C:\Programme\ConvertHelper\unins000.exe"
Core FTP LE 2.0-->C:\PROGRA~1\CoreFTP\UNWISE.EXE C:\PROGRA~1\CoreFTP\INSTALL.LOG
Core FTP Pro 2.0-->C:\PROGRA~1\CoreFTP\UNWISE.EXE C:\PROGRA~1\CoreFTP\INSTALL.LOG
DivX-Setup-->C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
Easy-WebPrint-->C:\WINDOWS\IsUn0407.exe -fC:\Programme\Canon\Easy-WebPrint\Uninst.isu
ERUNT 1.1j-->C:\Programme\ERUNT\unins000.exe
ESET Online Scanner v3-->C:\Programme\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
EVEREST Home Edition v2.20-->"C:\Programme\Lavalys\EVEREST Home Edition\unins000.exe"
Express Burn-->C:\Programme\NCH Swift Sound\ExpressBurn\uninst.exe
Express Rip-->C:\Programme\NCH Swift Sound\ExpressRip\uninst.exe
foobar2000 v1.0.3-->"C:\Programme\foobar2000\uninstall.exe" _?=C:\Programme\foobar2000
FriendBlasterPro-->"C:\Programme\FriendBlasterPro\unins000.exe"
Geiss2 for Winamp 2x (remove only)-->"C:\Programme\Winamp\uninst-vis_geiss2.dll.exe"
GetDataBack for NTFS-->"C:\Programme\Runtime Software\GetDataBack for NTFS\Uninstall.exe" "C:\Programme\Runtime Software\GetDataBack for NTFS\install.log" -u
GoGear SA19xx Device Manager-->C:\Programme\InstallShield Installation Information\{CF35000B-8247-449B-85C9-D9C2A5936683}\setup.exe -runfromtemp -l0x0007 -removeonly
HD Tune 2.54-->"C:\Programme\HD Tune\unins000.exe"
HijackThis 2.0.2-->"C:\Dokumente und Einstellungen\Administrator\Desktop\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix für Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotspot Shield 1.45-->C:\Programme\Hotspot Shield\Uninstall.exe
IconCool Editor v5.x-->C:\PROGRA~1\ICONCO~1\ICONCO~1\UNWISE.EXE C:\PROGRA~1\ICONCO~1\ICONCO~1\INSTALL.LOG
ICQ7.2-->"C:\Programme\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
iTunes-->MsiExec.exe /I{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Keseling Poster-Drucker 1.0.3-->"C:\Programme\Keseling Poster-Drucker 1.0.3\unins000.exe"
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Last.fm 1.5.4.24567-->"C:\Programme\Last.fm\unins000.exe"
LimeWire 4.14.10-->"C:\Programme\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2000 Disc 2-->MsiExec.exe /I{00040407-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 Professional-->MsiExec.exe /I{00010407-78E1-11D2-B60F-006097C998E7}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
MilkDrop for Winamp 2x (remove only)-->"C:\Programme\Winamp\uninst-vis_milk.dll.exe"
Mozilla Firefox (3.6.10)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
MP3-Cutter-->C:\WINDOWS\IsUninst.exe -fC:\Programme\MP3-Cutter\Uninst.isu
Multimedia Keyboard & Mouse Driver-->C:\Programme\InstallShield Installation Information\{055A9D81-5E0A-4088-94B3-BAC849EC3C20}\setup.exe -runfromtemp -l0x0407
Native Instruments - Traktor 1.06-->C:\Audio\NATIVE~1\Traktor\UNINST~1\106\UNWISE.EXE C:\Audio\NATIVE~1\Traktor\UNINST~1\106\INSTALL.LOG
NSIS Mixxx-->"C:\Programme\Mixxx\uninstall.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{7EC19307-7C22-47A8-922B-3FA965291260}
Panda ActiveScan 2.0-->C:\Programme\Panda Security\ActiveScan 2.0\as2uninst.exe
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDFCreator-->C:\Programme\PDFCreator\unins000.exe
Pen Pad Driver with Macro Key Manager-->Rmtablet KNL
Pflanzen gegen Zombies-->C:\Programme\PopCap Games\Plants vs. Zombies\PopUninstall.exe "C:\Programme\PopCap Games\Plants vs. Zombies\Install.log"
Phase 5 HTML-Editor-->MsiExec.exe /I{BCB313A5-1AD0-4829-9D6F-EB41C3CFCD4B}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
Poster-Drucker 4-->C:\WINDOWS\cadkasdeinst01.exe "C:\Programme\Poster-Drucker 4\"
QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
RocketDock 1.3.5-->"C:\Programme\RocketDock\unins000.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2183461)-->"C:\WINDOWS\$NtUninstallKB2183461$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update für Windows Internet Explorer 8 (KB2362765)-->"C:\WINDOWS\ie8updates\KB2362765-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update für Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Update für Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update für Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update für Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update für Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VideoLAN VLC media player 0.8.5-->C:\Programme\VideoLAN\VLC\uninstall.exe
VirtualCloneDrive-->"C:\Programme\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Programme\Elaborate Bytes\VirtualCloneDrive"
Winamp-->"C:\Programme\Winamp\UninstWA.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR Archivierer-->C:\Programme\WinRAR\uninstall.exe
xp-AntiSpy 3.96-5-->C:\Programme\xp-AntiSpy\Uninstall.exe
Xvid 1.1.3 final uninstall-->"C:\Programme\Xvid\unins000.exe"
Zoomquilt II Screensaver-->C:\WINDOWS\system32\\Zoomquilt II Screensaver_uninst.exe "C:\WINDOWS\system32\" "Zoomquilt II Screensaver"

======Hosts File======

    127.0.0.1        localhost

======Security center information======

AV: Avira AntiVir PersonalEdition

======System event log======

Computer Name: SYSTEM-859057B3
Event Code: 45
Message: Das System konnte den Treiber für das Speicherabbild nicht laden.

Record Number: 106326
Source Name: Ftdisk
Time Written: 20100926214003.000000+120
Event Type: Fehler
User: 

Computer Name: SYSTEM-859057B3
Event Code: 10
Message: Die digitale Audiowiedergabe wird von diesem Laufwerk nicht unterstützt.

Record Number: 106325
Source Name: redbook
Time Written: 20100926214003.000000+120
Event Type: Informationen
User: 

Computer Name: SYSTEM-859057B3
Event Code: 2
Message: Device identified.

Record Number: 106324
Source Name: nvata
Time Written: 20100926214003.000000+120
Event Type: Informationen
User: 

Computer Name: SYSTEM-859057B3
Event Code: 6005
Message: Der Ereignisprotokolldienst wurde gestartet.

Record Number: 106323
Source Name: EventLog
Time Written: 20100926213954.000000+120
Event Type: Informationen
User: 

Computer Name: SYSTEM-859057B3
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.

Record Number: 106322
Source Name: EventLog
Time Written: 20100926213954.000000+120
Event Type: Informationen
User: 

=====Application event log=====

Computer Name: SYSTEM-859057B3
Event Code: 1800
Message: Der Windows-Sicherheitscenterdienst wurde gestartet.

Record Number: 5423
Source Name: SecurityCenter
Time Written: 20100622133534.000000+120
Event Type: Informationen
User: 

Computer Name: SYSTEM-859057B3
Event Code: 2004
Message: Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.

Record Number: 5422
Source Name: PerfNet
Time Written: 20100622133453.000000+120
Event Type: Fehler
User: 

Computer Name: SYSTEM-859057B3
Event Code: 2004
Message: Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.

Record Number: 5421
Source Name: PerfNet
Time Written: 20100622133453.000000+120
Event Type: Fehler
User: 

Computer Name: SYSTEM-859057B3
Event Code: 1
Message: 
Record Number: 5420
Source Name: Bonjour Service
Time Written: 20100622133417.000000+120
Event Type: Informationen
User: 

Computer Name: SYSTEM-859057B3
Event Code: 4096
Message: 
Record Number: 5419
Source Name: Avira AntiVir
Time Written: 20100622133400.000000+120
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

======Environment variables======

"CLASSPATH"=.;C:\Programme\QuickTime\QTSystem\QTJava.zip
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\QuickTime\QTSystem\;C:\Programme\Gemeinsame Dateien\DivX Shared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=2c02
"QTJAVA"=C:\Programme\QuickTime\QTSystem\QTJava.zip
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%

-----------------EOF-----------------

--- --- ---

RSIT Logfile:

Code:

ATTFilter

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2010-10-03 19:54:28
Microsoft Windows XP Professional Service Pack 3
System drive C: has 26 GB (34%) free of 76 GB
Total RAM: 1023 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:54:32, on 03.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\WTMKM.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Programme\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe
C:\Programme\Java\jre6\launch4j-tmp\VMLoad.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe
C:\Programme\Hotspot Shield\bin\hsswd.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\system32\atwtusb.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Dokumente und Einstellungen\Administrator\Desktop\rsit.exe
C:\Programme\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2431245
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) -  - (no file)
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {C3774C9C-A2A1-473A-AE87-8B6D05C56DF3} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MacrokeyManager] WTMKM.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Programme\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Kpumejaqap] rundll32.exe "C:\WINDOWS\itamuyosamavabow.dll",Startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Abohunajazetijok] rundll32.exe "C:\WINDOWS\msrcok32.dll",Startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Programme\ERUNT\AUTOBACK.EXE
O4 - Startup: VMLoad.lnk = C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\VMLoad\VMLoad.exe
O4 - Global Startup: Philips SA19xx Gere-Manager.lnk = C:\Programme\Philips\GoGear SA19xx Device Manager\main.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Version Cue CS3 {de_DE}  (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Programme\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Programme\Hotspot Shield\bin\hsswd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Programme\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: WTService - Unknown owner - C:\WINDOWS\system32\atwtusb.exe

--
End of file - 9502 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-SYSTEM-859057B3-Administrator.job
C:\WINDOWS\tasks\expressburnDowngrade.job
C:\WINDOWS\tasks\expressburnSevenDaysInit.job
C:\WINDOWS\tasks\expressburnShakeIcon.job
C:\WINDOWS\tasks\expressripDowngrade.job
C:\WINDOWS\tasks\expressripShakeIcon.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-57989841-839522115-500.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-57989841-839522115-500.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Programme\Java\jre6\bin\ssv.dll [2009-01-02 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3774C9C-A2A1-473A-AE87-8B6D05C56DF3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-01-02 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-02 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Programme\Hotspot Shield\HssIE\HssIE.dll [2010-05-14 220208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Programme\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-09-25 266497]
"MacrokeyManager"=C:\WINDOWS\system32\WTMKM.exe [2007-09-03 1969824]
"TkBellExe"=C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2010-02-19 202256]
"Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"VirtualCloneDrive"=C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"Adobe_ID0ENQBO"=C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE [2008-08-15 378224]
"AdobeCS4ServiceManager"=C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"AdobeAAMUpdater-1.0"=C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"AdobeCS5ServiceManager"=C:\Programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SwitchBoard"=C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"DivXUpdate"=C:\Programme\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"Kpumejaqap"=C:\WINDOWS\itamuyosamavabow.dll,Startup []
"QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2007-06-29 286720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AdobeBridge"= []
"Abohunajazetijok"=C:\WINDOWS\msrcok32.dll,Startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM]
C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
C:\Programme\BearShare\BearShare.exe /pause []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iconcache]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
C:\Programme\ICQLite\ICQLite.exe -minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Programme\iTunes\iTunesHelper.exe [2007-07-10 270648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Programme\QuickTime\QTTask.exe [2007-06-29 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RDC_RUN]
C:\Programme\Ragonsoft\RDC2\RDC.exe rdc []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Programme\Java\jre6\bin\jusched.exe [2009-01-02 136600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2010-02-19 202256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
C:\Programme\Veoh Networks\Veoh\VeohClient.exe /VeohHide []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Programme\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Administrator^Startmenü^Programme^Autostart^Dropbox.lnk]
C:\DOKUME~1\ADMINI~1\ANWEND~1\Dropbox\bin\Dropbox.exe [2010-02-26 21979992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Administrator^Startmenü^Programme^Autostart^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-12-15 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Administrator^Startmenü^Programme^Autostart^VMLoad.lnk]
C:\DOKUME~1\ADMINI~1\ANWEND~1\VMLoad\VMLoad.exe [2010-04-01 41984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users.WINDOWS^Startmenü^Programme^Autostart^Acrobat Assistant.lnk]
C:\PROGRA~1\Adobe\ACROBA~3.0\Distillr\acrotray.exe  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users.WINDOWS^Startmenü^Programme^Autostart^Adobe Gamma Loader.lnk]
C:\PROGRA~1\GEMEIN~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2003-09-18 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users.WINDOWS^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users.WINDOWS^Startmenü^Programme^Autostart^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users.WINDOWS^Startmenü^Programme^Autostart^Privoxy.lnk]
C:\PROGRA~1\VIDALI~1\Privoxy\privoxy.exe  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^DESRA.SYSTEM-859057B3^Startmenü^Programme^Autostart^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-12-15 384000]

C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart
Philips SA19xx Gere-Manager.lnk - C:\Programme\Philips\GoGear SA19xx Device Manager\main.exe

C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart
Dropbox.lnk - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe
ERUNT AutoBackup.lnk - C:\Programme\ERUNT\AUTOBACK.EXE
VMLoad.lnk - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\VMLoad\VMLoad.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\vtsqo.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\vlhyrhyj.exe"="C:\WINDOWS\system32\vlh"
"C:\Programme\fotobuch.de AG\Designer 2.0\Designer.exe"="C:\Programme\fotobuch.de AG\Designer 2.0\Designer.exe:*:Designer.exe"
"C:\Programme\ICQ7.2\ICQ.exe"="C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Programme\ICQ7.2\aolload.exe"="C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\0.4244007584241206.exe"="C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\0.4244007584241206.exe:*:Enabled:ldrsoft"
"C:\Programme\Java\jre6\launch4j-tmp\VMLoad.exe"="C:\Programme\Java\jre6\launch4j-tmp\VMLoad.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Disabled:Skype "
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe"="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Disabled:Dropbox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\ICQ7.2\ICQ.exe"="C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Programme\ICQ7.2\aolload.exe"="C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - open - "C:\Programme\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2010-10-03 01:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-10-03 00:59:57 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-10-03 00:57:02 ----SHD---- C:\Config.Msi
2010-10-03 00:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-10-03 00:53:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-10-02 03:10:12 ----D---- C:\WINDOWS\system32\XPSViewer
2010-10-02 03:10:06 ----D---- C:\Programme\MSBuild
2010-10-02 03:10:04 ----D---- C:\WINDOWS\system32\en-US
2010-10-02 03:09:50 ----D---- C:\Programme\Reference Assemblies
2010-10-02 03:08:41 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-10-02 03:08:40 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-10-02 03:08:40 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-10-01 22:06:36 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-10-01 22:05:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2183461$
2010-10-01 22:04:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-10-01 22:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-10-01 22:02:05 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-10-01 22:01:10 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-10-01 22:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-10-01 21:59:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-10-01 21:58:27 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-10-01 21:57:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-10-01 21:56:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-10-01 21:55:44 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-10-01 21:54:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-10-01 21:53:54 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-10-01 21:53:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-10-01 21:52:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-10-01 21:51:38 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-10-01 21:51:09 ----D---- C:\WINDOWS\system32\KB905474
2010-10-01 21:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-10-01 21:48:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-10-01 21:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-10-01 21:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-10-01 21:45:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-10-01 21:39:02 ----D---- C:\WINDOWS\ie8updates
2010-10-01 21:34:26 ----HDC---- C:\WINDOWS\ie8
2010-10-01 18:56:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-10-01 18:55:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-10-01 18:54:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-10-01 18:53:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-10-01 18:52:49 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-10-01 18:51:54 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-10-01 18:51:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-10-01 18:50:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-10-01 18:48:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-10-01 18:47:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-10-01 18:46:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-10-01 18:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-10-01 18:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-10-01 18:43:44 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-10-01 18:43:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-10-01 18:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-10-01 18:41:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-10-01 18:40:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-10-01 18:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$
2010-10-01 18:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-10-01 18:37:52 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-10-01 18:37:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-10-01 18:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-10-01 18:35:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-10-01 18:34:14 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-10-01 18:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-10-01 18:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-10-01 18:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-10-01 18:31:27 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-10-01 18:30:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-10-01 18:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-10-01 18:28:44 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-10-01 18:27:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-10-01 18:26:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-10-01 18:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-10-01 18:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-10-01 18:23:37 ----A---- C:\WINDOWS\system32\MRT.INI
2010-10-01 18:02:32 ----A---- C:\WINDOWS\system32\MRT.exe
2010-10-01 18:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-10-01 17:59:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-10-01 17:58:55 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-10-01 17:57:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-10-01 17:57:05 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-10-01 17:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-10-01 17:55:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-10-01 17:54:22 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-10-01 17:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-10-01 17:52:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-10-01 17:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-10-01 17:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-10-01 17:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-10-01 17:48:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-10-01 17:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-10-01 17:47:35 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-10-01 17:46:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-10-01 17:45:46 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-10-01 17:43:20 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-10-01 16:28:25 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-10-01 16:20:33 ----D---- C:\WINDOWS\system32\PreInstall
2010-10-01 16:20:06 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-10-01 16:20:06 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-01 14:03:54 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-10-01 14:00:46 ----D---- C:\WINDOWS\Prefetch
2010-10-01 13:52:22 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-10-01 13:52:22 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-10-01 13:52:22 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2010-10-01 13:52:22 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ati3duag.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\credssp.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\azroles.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-10-01 13:52:17 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\mssha.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\onex.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\napstat.exe
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\slserv.exe
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\slgen.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\setupn.exe
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\qutil.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\qagent.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\wmphoto.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-10-01 13:52:12 ----N---- C:\WINDOWS\slrundll.exe
2010-10-01 13:52:10 ----D---- C:\WINDOWS\system32\de
2010-10-01 13:52:10 ----D---- C:\WINDOWS\system32\bits
2010-10-01 13:52:10 ----D---- C:\WINDOWS\l2schemas
2010-10-01 13:50:27 ----D---- C:\WINDOWS\ServicePackFiles
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2010-10-01 13:49:08 ----D---- C:\WINDOWS\network diagnostic
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-10-01 13:48:15 ----A---- C:\WINDOWS\002471_.tmp
2010-10-01 13:46:31 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-09-29 16:06:21 ----D---- C:\Programme\trend micro
2010-09-29 16:06:20 ----D---- C:\rsit
2010-09-28 17:57:56 ----A---- C:\WINDOWS\system32\drivers\pavboot.sys
2010-09-28 17:56:00 ----D---- C:\Programme\Panda Security
2010-09-28 17:47:08 ----SHD---- C:\found.001
2010-09-24 13:13:27 ----D---- C:\Programme\ESET
2010-09-24 01:16:41 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes
2010-09-21 20:33:42 ----D---- C:\WINDOWS\ERDNT
2010-09-21 20:33:04 ----D---- C:\Programme\ERUNT
2010-09-21 20:24:18 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-21 20:24:17 ----D---- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Malwarebytes
2010-09-21 20:24:16 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-09-21 20:24:16 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-21 20:16:29 ----D---- C:\Programme\Gemeinsame Dateien\iS3
2010-09-21 20:16:29 ----D---- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\STOPzilla!
2010-09-21 19:51:34 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\download2
2010-09-21 10:03:35 ----A---- C:\WINDOWS\system32\drivers\oopuhnpkpjv.sys
2010-09-20 21:35:06 ----D---- C:\Programme\Artisteer 2
2010-09-20 18:36:39 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Artisteer
2010-09-17 00:41:44 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WhiteSmokeTranslator
2010-09-17 00:40:25 ----D---- C:\Programme\Search Advisor
2010-09-09 13:01:24 ----D---- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\DivX

======List of files/folders modified in the last 1 months======

2010-10-03 19:33:06 ----A---- C:\WINDOWS\win.ini
2010-10-03 19:33:02 ----D---- C:\WINDOWS\Temp
2010-10-03 19:32:37 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox
2010-10-03 19:31:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-03 13:31:56 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-03 13:24:31 ----RSD---- C:\WINDOWS\assembly
2010-10-03 12:39:43 ----D---- C:\WINDOWS\system32
2010-10-03 12:39:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-03 12:38:25 ----D---- C:\WINDOWS
2010-10-03 12:35:50 ----D---- C:\WINDOWS\system32\drivers
2010-10-03 01:00:28 ----HD---- C:\WINDOWS\inf
2010-10-03 01:00:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-03 01:00:23 ----A---- C:\WINDOWS\imsins.BAK
2010-10-03 01:00:17 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-03 01:00:17 ----D---- C:\WINDOWS\system32\CatRoot
2010-10-03 00:59:55 ----SHD---- C:\WINDOWS\Installer
2010-10-03 00:59:15 ----D---- C:\WINDOWS\WinSxS
2010-10-03 00:50:32 ----SD---- C:\WINDOWS\Tasks
2010-10-02 03:10:06 ----D---- C:\Programme
2010-10-02 03:10:01 ----RSD---- C:\WINDOWS\Fonts
2010-10-02 03:09:15 ----D---- C:\WINDOWS\system32\spool
2010-10-02 03:05:01 ----D---- C:\WINDOWS\system32\mui
2010-10-02 03:05:01 ----D---- C:\Programme\Internet Explorer
2010-10-01 23:10:49 ----D---- C:\WINDOWS\system32\wbem
2010-10-01 23:10:49 ----D---- C:\WINDOWS\system32\de-DE
2010-10-01 23:10:49 ----D---- C:\WINDOWS\Help
2010-10-01 23:10:49 ----D---- C:\WINDOWS\AppPatch
2010-10-01 22:01:36 ----D---- C:\Programme\Messenger
2010-10-01 21:36:18 ----D---- C:\WINDOWS\WBEM
2010-10-01 21:35:51 ----D---- C:\WINDOWS\Media
2010-10-01 18:02:32 ----D---- C:\WINDOWS\Debug
2010-10-01 17:59:21 ----D---- C:\Programme\Outlook Express
2010-10-01 17:54:24 ----D---- C:\Programme\Movie Maker
2010-10-01 14:04:30 ----A---- C:\WINDOWS\OEWABLog.txt
2010-10-01 14:04:03 ----D---- C:\WINDOWS\SoftwareDistribution
2010-10-01 14:03:39 ----A---- C:\WINDOWS\setuplog.txt
2010-10-01 14:00:13 ----D---- C:\WINDOWS\system32\Setup
2010-10-01 13:58:34 ----D---- C:\WINDOWS\security
2010-10-01 13:52:29 ----D---- C:\Programme\Windows Media Player
2010-10-01 13:52:23 ----D---- C:\WINDOWS\ehome
2010-10-01 13:52:22 ----D---- C:\WINDOWS\system32\inetsrv
2010-10-01 13:52:22 ----D---- C:\WINDOWS\ime
2010-10-01 13:52:12 ----D---- C:\WINDOWS\system32\usmt
2010-10-01 13:52:10 ----D---- C:\WINDOWS\PeerNet
2010-10-01 13:50:19 ----D---- C:\WINDOWS\system32\Restore
2010-10-01 13:50:18 ----D---- C:\WINDOWS\system32\npp
2010-10-01 13:50:18 ----D---- C:\WINDOWS\msagent
2010-10-01 13:50:17 ----D---- C:\WINDOWS\srchasst
2010-10-01 13:50:16 ----D---- C:\Programme\NetMeeting
2010-10-01 13:50:15 ----D---- C:\WINDOWS\system32\Com
2010-10-01 13:50:14 ----D---- C:\Programme\Windows NT
2010-10-01 13:50:12 ----D---- C:\Programme\Gemeinsame Dateien\System
2010-10-01 13:50:04 ----D---- C:\WINDOWS\system32\oobe
2010-10-01 13:50:02 ----D---- C:\WINDOWS\system
2010-10-01 13:48:55 ----A---- C:\ntdetect.com
2010-09-30 16:25:00 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Skype
2010-09-30 16:05:04 ----D---- C:\Programme\ICQ7.2
2010-09-30 16:04:39 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ICQ
2010-09-30 16:02:44 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\skypePM
2010-09-29 22:51:36 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\CoreFTP
2010-09-29 21:20:12 ----D---- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\regid.1986-12.com.adobe
2010-09-28 17:35:15 ----A---- C:\WINDOWS\ntbtlog.txt
2010-09-21 21:54:50 ----D---- C:\WINDOWS\Minidump
2010-09-21 20:16:29 ----D---- C:\Programme\Gemeinsame Dateien
2010-09-21 13:02:26 ----D---- C:\Programme\LimeWire
2010-09-21 09:48:35 ----D---- C:\Programme\BitTorrent
2010-09-21 02:47:09 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\BitTorrent
2010-09-20 21:37:03 ----SD---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft
2010-09-17 10:30:14 ----D---- C:\Programme\Adobe
2010-09-17 10:29:13 ----HD---- C:\Programme\InstallShield Installation Information
2010-09-17 10:27:59 ----RD---- C:\Programme\Skype
2010-09-17 00:04:45 ----D---- C:\Programme\Mozilla Firefox
2010-09-16 13:08:22 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\foobar2000
2010-09-09 13:07:24 ----D---- C:\Programme\Gemeinsame Dateien\DivX Shared
2010-09-09 13:07:24 ----D---- C:\Programme\DivX
2010-09-09 13:06:22 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DivX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-13 98432]
R0 pavboot;pavboot; C:\WINDOWS\system32\drivers\pavboot.sys [2009-06-30 28552]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-05-28 75096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2008-04-15 21248]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-12-31 12032]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R3 avgntflt;avgntflt; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-30 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-30 12928]
R3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2009-09-15 32768]
R3 tapvpn;TAP VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2008-01-23 27136]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S0 khqlmxop;khqlmxop; C:\WINDOWS\system32\drivers\oopuhnpkpjv.sys [2010-09-25 72320]
S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S2 ASInsHelp;ASInsHelp; \??\C:\WINDOWS\system32\drivers\AsInsHelp32.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Programme\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 SONYPVU1;Sony USB-Filtertreiber (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-10-29 587096]
R2 AntiVirScheduler;AntiVir PersonalEdition Classic Planer; C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Programme\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 HssSrv;Hotspot Shield Helper Service; C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe [2010-05-25 348208]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Programme\Hotspot Shield\bin\hsswd.exe [2010-05-25 323632]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-01-02 152984]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Programme\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe [2007-05-08 2179072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 WTService;WTService; C:\WINDOWS\system32\atwtusb.exe [2007-08-31 364192]
S2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 Adobe Version Cue CS3;Adobe Version Cue CS3 {de_DE} ; C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-14 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Programme\Hotspot Shield\bin\HssTrayService.EXE [2010-05-25 57640]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 SwitchBoard;SwitchBoard; C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

--- --- ---

bitteschön

desra · 05.10.2010, 10:37

Ich will ja nicht zu voreilig sein, aber es sieht so aus, als gäbe es vorerst keine weiteren Probleme.
Hast du noch mal die Logfiles gecheckt?
Wenn da alles ok ist bedanke ich mich ganz sehr für deine Hilfe!

Ohne dir wäre ich ganz schön aufgeschmissen gewesen...

Edit: Ach ja, ähm meine Funktastatur funktionier noch nicht.
Kann aber auch an was anderem liegen...

Leonixx · 09.10.2010, 10:02

Sorry für die verspätete Antwort.

Noch nicht sauber. Checke diese Dateien bei Virustotal.

C:\WINDOWS\itamuyosamavabow.dll
C:\WINDOWS\msrcok32.dll
C:\WINDOWS\system32\vlhyrhyj.exe

desra · 10.10.2010, 17:29

Mmmh, immer noch nicht clean. Schade...

Kann

C:\WINDOWS\itamuyosamavabow.dll
C:\WINDOWS\msrcok32.dll
C:\WINDOWS\system32\vlhyrhyj.exe

allerdings nicht finden.

Versteckte Ordner werden angezeigt, Systemdateien sind eingeblendet.

Sind mögicherweise schon gelöscht...

Kan ich das noch mal genau überprüfen?

Leonixx · 10.10.2010, 17:54

Müssen noch vorhanden sein, wenn sie im Logfile angezeigt werden. Hast du es über die Windows Suchfunktion versucht?

desra · 10.10.2010, 19:25

Ja, habe gesucht...
Hier noch mal frische logs:

[CODE]info.txtRSIT Logfile:

Code:

ATTFilter

logfile of random's system information tool 1.08 2010-10-10 19:25:32

======Uninstall list======

-->C:\Programme\FriendBot\FriendBot\uninstall.exe
-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}
Adobe After Effects CS4 Template Projects & Footage-->MsiExec.exe /I{F600CCF3-9C88-4A22-B0B4-DDA82E997118}
Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
Adobe AIR-->C:\Programme\Gemeinsame Dateien\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\061850775b1c6d22bf2a145678e05e0\Setup.exe
Adobe Creative Suite 3 Design Premium-->MsiExec.exe /I{4393DE35-AD67-4F37-95E4-30F06EA0FDB2}
Adobe Creative Suite 4 Production Premium-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\36ac9dc8c9a94feb9e5886810012e78\Setup.exe --uninstall=1
Adobe Creative Suite 4 Production Premium-->MsiExec.exe /I{70E3A868-C269-4E6D-B225-862AADF7D0AF}
Adobe Creative Suite 5 Master Collection-->C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}"
Adobe CS4 American English Speech Analysis Models-->MsiExec.exe /I{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}
Adobe CS4 French Speech Analysis Models-->MsiExec.exe /I{9AACCD0F-2734-4E8C-8C24-2702D4506E93}
Adobe CS4 German Speech Analysis Models-->MsiExec.exe /I{9A7C4EAC-6E38-42E3-85AA-408874A803DE}
Adobe CS4 International English Speech Analysis Models-->MsiExec.exe /I{4F213D2A-B942-4611-AEE5-49F9D42D0A2F}
Adobe CS4 Italian Speech Analysis Models-->MsiExec.exe /I{0B561CF4-0C7D-4745-AF53-161E24E44F87}
Adobe CS4 Japanese Speech Analysis Models-->MsiExec.exe /I{B35FDD04-48FD-4D3D-B0EB-088C5137CD42}
Adobe CS4 Korean Speech Analysis Models-->MsiExec.exe /I{48E9A4FB-17C6-4B14-BC9D-D83AF2A4059A}
Adobe CS4 Spanish Speech Analysis Models-->MsiExec.exe /I{1FD653A8-9CFA-4392-B89C-CCDB114DE442}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Dreamweaver CS3-->MsiExec.exe /I{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash CS3-->MsiExec.exe /I{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}
Adobe Flash CS4 Extension - Flash Lite STI others-->MsiExec.exe /I{47C6F987-685A-41AE-B092-E75B277AEE39}
Adobe Flash CS4 STI-other-->MsiExec.exe /I{BD3374D3-C2E6-42B7-A80B-E850B6886246}
Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Adobe Flash Video Encoder-->MsiExec.exe /I{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS-->RunDll32 "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Programme\InstallShield Installation Information\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}\setup.exe"
Adobe Illustrator CS3-->MsiExec.exe /I{C8D7A672-F697-4572-AC62-C856053A8DBC}
Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\8fbf74eb27c84640370f87306e8981b\Setup.exe
Adobe InDesign CS3-->MsiExec.exe /I{411E0CC3-587A-468C-B461-95FAFD05E4DE}
Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{2BAF2B96-7560-48B4-87D4-10178DDBE217}
Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}
Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}
Adobe InDesign CS4-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\1710d324011afc3e7658e969025f4ba\Setup.exe --uninstall=1
Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
Adobe Media Encoder CS4 Dolby-->MsiExec.exe /I{EE353798-E875-42E0-B58D-7E6696182EA8}
Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}
Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
Adobe OnLocation CS4-->MsiExec.exe /I{7406DF60-016D-476B-A2C7-55D997592047}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS3-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Photoshop CS3-->MsiExec.exe /I{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Premiere Pro CS4 Functional Content-->MsiExec.exe /I{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}
Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{C938BE91-3BB5-4B84-9EF6-88F0505D0038}
Adobe Premiere Pro CS4-->MsiExec.exe /I{D499F8DE-3F31-4900-9157-61061613704B}
Adobe Reader 9.3.4 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A93000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{5518E08A-2053-4A3E-85B2-F912D4666C9F}
Adobe Setup-->MsiExec.exe /I{AE585DDE-7230-4B57-926B-428C94AA5850}
Adobe Setup-->MsiExec.exe /I{CA1CA5F8-7500-45C5-9D4C-47D13FBC92D2}
Adobe Setup-->MsiExec.exe /I{CA842D69-22DB-456E-95C7-A5C92593C7C4}
Adobe Setup-->MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8}
Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D}
Adobe Soundbooth CS4-->MsiExec.exe /I{14F70205-1940-4000-88C7-BE799A6B2CAD}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe SVG Viewer 3.0-->C:\Programme\Gemeinsame Dateien\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Programme\Gemeinsame Dateien\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe Version Cue CS4 Server-->MsiExec.exe /I{1B7C06E1-4888-47A6-992A-0990B9683486}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Artisteer 2-->"C:\Programme\Artisteer 2\bin\Uninstall.exe"
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x7 
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BitTorrent-->C:\Programme\BitTorrent\uninst.exe
Burn4Free CD & DVD 4.9.0.0-->"C:\Programme\Burn4Free\unins000.exe"
Burn4Free CD and DVD-->"C:\Programme\Burn4Free\uninstall.exe"
Canon iP4200-->C:\WINDOWS\system32\CNMCP78.exe "-PRINTERNAMECanon iP4200" "-HELPERDLLC:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0407.dll"
Canon Utilities Easy-PhotoPrint-->C:\Programme\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
CD-LabelPrint-->"C:\Programme\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
ConvertHelper 2.2-->"C:\Programme\ConvertHelper\unins000.exe"
Core FTP LE 2.0-->C:\PROGRA~1\CoreFTP\UNWISE.EXE C:\PROGRA~1\CoreFTP\INSTALL.LOG
Core FTP Pro 2.0-->C:\PROGRA~1\CoreFTP\UNWISE.EXE C:\PROGRA~1\CoreFTP\INSTALL.LOG
DivX-Setup-->C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
Easy-WebPrint-->C:\WINDOWS\IsUn0407.exe -fC:\Programme\Canon\Easy-WebPrint\Uninst.isu
ERUNT 1.1j-->C:\Programme\ERUNT\unins000.exe
ESET Online Scanner v3-->C:\Programme\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
EVEREST Home Edition v2.20-->"C:\Programme\Lavalys\EVEREST Home Edition\unins000.exe"
Express Burn-->C:\Programme\NCH Swift Sound\ExpressBurn\uninst.exe
Express Rip-->C:\Programme\NCH Swift Sound\ExpressRip\uninst.exe
foobar2000 v1.0.3-->"C:\Programme\foobar2000\uninstall.exe" _?=C:\Programme\foobar2000
FriendBlasterPro-->"C:\Programme\FriendBlasterPro\unins000.exe"
Geiss2 for Winamp 2x (remove only)-->"C:\Programme\Winamp\uninst-vis_geiss2.dll.exe"
GetDataBack for NTFS-->"C:\Programme\Runtime Software\GetDataBack for NTFS\Uninstall.exe" "C:\Programme\Runtime Software\GetDataBack for NTFS\install.log" -u
GoGear SA19xx Device Manager-->C:\Programme\InstallShield Installation Information\{CF35000B-8247-449B-85C9-D9C2A5936683}\setup.exe -runfromtemp -l0x0007 -removeonly
HD Tune 2.54-->"C:\Programme\HD Tune\unins000.exe"
HijackThis 2.0.2-->"C:\Dokumente und Einstellungen\Administrator\Desktop\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix für Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
IconCool Editor v5.x-->C:\PROGRA~1\ICONCO~1\ICONCO~1\UNWISE.EXE C:\PROGRA~1\ICONCO~1\ICONCO~1\INSTALL.LOG
ICQ7.2-->"C:\Programme\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
iTunes-->MsiExec.exe /I{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Keseling Poster-Drucker 1.0.3-->"C:\Programme\Keseling Poster-Drucker 1.0.3\unins000.exe"
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Last.fm 1.5.4.24567-->"C:\Programme\Last.fm\unins000.exe"
LimeWire 4.14.10-->"C:\Programme\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2000 Disc 2-->MsiExec.exe /I{00040407-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 Professional-->MsiExec.exe /I{00010407-78E1-11D2-B60F-006097C998E7}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
MilkDrop for Winamp 2x (remove only)-->"C:\Programme\Winamp\uninst-vis_milk.dll.exe"
Mozilla Firefox (3.6.10)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
MP3-Cutter-->C:\WINDOWS\IsUninst.exe -fC:\Programme\MP3-Cutter\Uninst.isu
Multimedia Keyboard & Mouse Driver-->C:\Programme\InstallShield Installation Information\{055A9D81-5E0A-4088-94B3-BAC849EC3C20}\setup.exe -runfromtemp -l0x0407
Native Instruments - Traktor 1.06-->C:\Audio\NATIVE~1\Traktor\UNINST~1\106\UNWISE.EXE C:\Audio\NATIVE~1\Traktor\UNINST~1\106\INSTALL.LOG
NSIS Mixxx-->"C:\Programme\Mixxx\uninstall.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{7EC19307-7C22-47A8-922B-3FA965291260}
Panda ActiveScan 2.0-->C:\Programme\Panda Security\ActiveScan 2.0\as2uninst.exe
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDFCreator-->C:\Programme\PDFCreator\unins000.exe
Pen Pad Driver with Macro Key Manager-->Rmtablet KNL
Pflanzen gegen Zombies-->C:\Programme\PopCap Games\Plants vs. Zombies\PopUninstall.exe "C:\Programme\PopCap Games\Plants vs. Zombies\Install.log"
Phase 5 HTML-Editor-->MsiExec.exe /I{BCB313A5-1AD0-4829-9D6F-EB41C3CFCD4B}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
Poster-Drucker 4-->C:\WINDOWS\cadkasdeinst01.exe "C:\Programme\Poster-Drucker 4\"
QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
RocketDock 1.3.5-->"C:\Programme\RocketDock\unins000.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2183461)-->"C:\WINDOWS\$NtUninstallKB2183461$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update für Windows Internet Explorer 8 (KB2362765)-->"C:\WINDOWS\ie8updates\KB2362765-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update für Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Update für Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update für Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update für Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update für Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VideoLAN VLC media player 0.8.5-->C:\Programme\VideoLAN\VLC\uninstall.exe
VirtualCloneDrive-->"C:\Programme\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Programme\Elaborate Bytes\VirtualCloneDrive"
Winamp-->"C:\Programme\Winamp\UninstWA.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR Archivierer-->C:\Programme\WinRAR\uninstall.exe
xp-AntiSpy 3.96-5-->C:\Programme\xp-AntiSpy\Uninstall.exe
Xvid 1.1.3 final uninstall-->"C:\Programme\Xvid\unins000.exe"
Zoomquilt II Screensaver-->C:\WINDOWS\system32\\Zoomquilt II Screensaver_uninst.exe "C:\WINDOWS\system32\" "Zoomquilt II Screensaver"

======Hosts File======

    127.0.0.1        localhost

======Security center information======

AV: Avira AntiVir PersonalEdition

======System event log======

Computer Name: SYSTEM-859057B3
Event Code: 18
Message: TIMEOUT<Dropbox.exe> C:\...pbox\cache\l\4ca5d26b

Record Number: 106986
Source Name: avgntflt
Time Written: 20101001144738.000000+120
Event Type: Warnung
User: 

Computer Name: SYSTEM-859057B3
Event Code: 18
Message: TIMEOUT<Dropbox.exe> C:\...pbox\cache\l\4ca5cede

Record Number: 106985
Source Name: avgntflt
Time Written: 20101001144633.000000+120
Event Type: Warnung
User: 

Computer Name: SYSTEM-859057B3
Event Code: 18
Message: TIMEOUT<Dropbox.exe> C:\...pbox\cache\l\4ca5c7b8

Record Number: 106984
Source Name: avgntflt
Time Written: 20101001144408.000000+120
Event Type: Warnung
User: 

Computer Name: SYSTEM-859057B3
Event Code: 18
Message: TIMEOUT<Dropbox.exe> C:\...pbox\cache\l\4ca5c61e

Record Number: 106983
Source Name: avgntflt
Time Written: 20101001144303.000000+120
Event Type: Warnung
User: 

Computer Name: SYSTEM-859057B3
Event Code: 18
Message: TIMEOUT<Dropbox.exe> C:\...pbox\cache\l\4ca5c486

Record Number: 106982
Source Name: avgntflt
Time Written: 20101001144158.000000+120
Event Type: Warnung
User: 

=====Application event log=====

Computer Name: SYSTEM-859057B3
Event Code: 1041
Message: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Record Number: 5497
Source Name: Userenv
Time Written: 20100624041157.000000+120
Event Type: Fehler
User: NT-AUTORITÄT\SYSTEM

Computer Name: SYSTEM-859057B3
Event Code: 1041
Message: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Record Number: 5496
Source Name: Userenv
Time Written: 20100624041157.000000+120
Event Type: Fehler
User: NT-AUTORITÄT\SYSTEM

Computer Name: SYSTEM-859057B3
Event Code: 1041
Message: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Record Number: 5495
Source Name: Userenv
Time Written: 20100624023456.000000+120
Event Type: Fehler
User: NT-AUTORITÄT\SYSTEM

Computer Name: SYSTEM-859057B3
Event Code: 1041
Message: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Record Number: 5494
Source Name: Userenv
Time Written: 20100624023456.000000+120
Event Type: Fehler
User: NT-AUTORITÄT\SYSTEM

Computer Name: SYSTEM-859057B3
Event Code: 1041
Message: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Record Number: 5493
Source Name: Userenv
Time Written: 20100624021857.000000+120
Event Type: Fehler
User: NT-AUTORITÄT\SYSTEM

======Environment variables======

"CLASSPATH"=.;C:\Programme\QuickTime\QTSystem\QTJava.zip
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\QuickTime\QTSystem\;C:\Programme\Gemeinsame Dateien\DivX Shared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=2c02
"QTJAVA"=C:\Programme\QuickTime\QTSystem\QTJava.zip
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%

-----------------EOF-----------------

--- --- ---

RSIT Logfile:

Code:

ATTFilter

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2010-10-10 19:25:03
Microsoft Windows XP Professional Service Pack 3
System drive C: has 26 GB (34%) free of 76 GB
Total RAM: 1023 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:25:23, on 10.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\WTMKM.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\DivX\DivX Update\DivXUpdate.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Dokumente und Einstellungen\Administrator\Desktop\rsit.exe
C:\Programme\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2431245
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) -  - (no file)
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {C3774C9C-A2A1-473A-AE87-8B6D05C56DF3} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MacrokeyManager] WTMKM.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [DivXUpdate] "C:\Programme\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - hxxp://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?s=100000341&p=GRxdm117YYDE&si=2933&a=Y1sROrBNMSNu2s623NraGw&n=2010100412
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Programme\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: WTService - Unknown owner - C:\WINDOWS\system32\atwtusb.exe

--
End of file - 6964 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-SYSTEM-859057B3-Administrator.job
C:\WINDOWS\tasks\expressburnDowngrade.job
C:\WINDOWS\tasks\expressburnSevenDaysInit.job
C:\WINDOWS\tasks\expressburnShakeIcon.job
C:\WINDOWS\tasks\expressripDowngrade.job
C:\WINDOWS\tasks\expressripShakeIcon.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-57989841-839522115-500.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-57989841-839522115-500.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3774C9C-A2A1-473A-AE87-8B6D05C56DF3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Programme\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-09-25 266497]
"MacrokeyManager"=C:\WINDOWS\system32\WTMKM.exe [2007-09-03 1969824]
"TkBellExe"=C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2010-02-19 202256]
"DivXUpdate"=C:\Programme\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2007-06-29 286720]
"SunJavaUpdateSched"=C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Abohunajazetijok]
C:\WINDOWS\msrcok32.dll,Startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE [2008-08-15 378224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM]
C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
C:\Programme\BearShare\BearShare.exe /pause []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iconcache]
 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
C:\Programme\ICQLite\ICQLite.exe -minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Programme\iTunes\iTunesHelper.exe [2007-07-10 270648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kpumejaqap]
C:\WINDOWS\itamuyosamavabow.dll,Startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Programme\QuickTime\QTTask.exe [2007-06-29 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RDC_RUN]
C:\Programme\Ragonsoft\RDC2\RDC.exe rdc []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Programme\Java\jre6\bin\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2010-02-19 202256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
C:\Programme\Veoh Networks\Veoh\VeohClient.exe /VeohHide []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Programme\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Administrator^Startmenü^Programme^Autostart^Dropbox.lnk]
C:\DOKUME~1\ADMINI~1\ANWEND~1\Dropbox\bin\Dropbox.exe [2010-02-26 21979992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Administrator^Startmenü^Programme^Autostart^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-12-15 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Administrator^Startmenü^Programme^Autostart^VMLoad.lnk]
C:\DOKUME~1\ADMINI~1\ANWEND~1\VMLoad\VMLoad.exe [2010-04-01 41984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users.WINDOWS^Startmenü^Programme^Autostart^Acrobat Assistant.lnk]
C:\PROGRA~1\Adobe\ACROBA~3.0\Distillr\acrotray.exe  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users.WINDOWS^Startmenü^Programme^Autostart^Adobe Gamma Loader.lnk]
C:\PROGRA~1\GEMEIN~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2003-09-18 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users.WINDOWS^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users.WINDOWS^Startmenü^Programme^Autostart^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users.WINDOWS^Startmenü^Programme^Autostart^Privoxy.lnk]
C:\PROGRA~1\VIDALI~1\Privoxy\privoxy.exe  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^DESRA.SYSTEM-859057B3^Startmenü^Programme^Autostart^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-12-15 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Automatic LiveUpdate Scheduler"=2
"Adobe Version Cue CS4"=3
"Adobe Version Cue CS3"=3
"wuauserv"=2
"helpsvc"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\vtsqo.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\vlhyrhyj.exe"="C:\WINDOWS\system32\vlh"
"C:\Programme\fotobuch.de AG\Designer 2.0\Designer.exe"="C:\Programme\fotobuch.de AG\Designer 2.0\Designer.exe:*:Designer.exe"
"C:\Programme\ICQ7.2\ICQ.exe"="C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Programme\ICQ7.2\aolload.exe"="C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\0.4244007584241206.exe"="C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\0.4244007584241206.exe:*:Enabled:ldrsoft"
"C:\Programme\Java\jre6\launch4j-tmp\VMLoad.exe"="C:\Programme\Java\jre6\launch4j-tmp\VMLoad.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Disabled:Skype "
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe"="C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Disabled:Dropbox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\ICQ7.2\ICQ.exe"="C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Programme\ICQ7.2\aolload.exe"="C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - open - "C:\Programme\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2010-10-04 14:14:55 ----D---- C:\Programme\MyWebSearch
2010-10-04 14:14:16 ----D---- C:\Programme\FunWebProducts
2010-10-04 12:33:37 ----D---- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Sun
2010-10-04 12:32:47 ----A---- C:\WINDOWS\system32\javaws.exe
2010-10-04 12:32:47 ----A---- C:\WINDOWS\system32\javaw.exe
2010-10-04 12:32:47 ----A---- C:\WINDOWS\system32\java.exe
2010-10-04 12:32:47 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-10-03 01:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-10-03 00:59:57 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-10-03 00:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-10-03 00:53:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-10-02 03:10:12 ----D---- C:\WINDOWS\system32\XPSViewer
2010-10-02 03:10:06 ----D---- C:\Programme\MSBuild
2010-10-02 03:10:04 ----D---- C:\WINDOWS\system32\en-US
2010-10-02 03:09:50 ----D---- C:\Programme\Reference Assemblies
2010-10-02 03:08:41 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-10-02 03:08:40 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-10-02 03:08:40 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-10-01 22:06:36 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-10-01 22:05:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2183461$
2010-10-01 22:04:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-10-01 22:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-10-01 22:02:05 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-10-01 22:01:10 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-10-01 22:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-10-01 21:59:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-10-01 21:58:27 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-10-01 21:57:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-10-01 21:56:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-10-01 21:55:44 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-10-01 21:54:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-10-01 21:53:54 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-10-01 21:53:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-10-01 21:52:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-10-01 21:51:38 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-10-01 21:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-10-01 21:48:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-10-01 21:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-10-01 21:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-10-01 21:45:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-10-01 21:39:02 ----D---- C:\WINDOWS\ie8updates
2010-10-01 21:34:26 ----HDC---- C:\WINDOWS\ie8
2010-10-01 18:56:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-10-01 18:55:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-10-01 18:54:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-10-01 18:53:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-10-01 18:52:49 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-10-01 18:51:54 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-10-01 18:51:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-10-01 18:50:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-10-01 18:48:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-10-01 18:47:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-10-01 18:46:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-10-01 18:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-10-01 18:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-10-01 18:43:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-10-01 18:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-10-01 18:41:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-10-01 18:40:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-10-01 18:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$
2010-10-01 18:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-10-01 18:37:52 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-10-01 18:37:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-10-01 18:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-10-01 18:35:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-10-01 18:34:14 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-10-01 18:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-10-01 18:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-10-01 18:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-10-01 18:31:27 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-10-01 18:30:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-10-01 18:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-10-01 18:28:44 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-10-01 18:27:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-10-01 18:26:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-10-01 18:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-10-01 18:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-10-01 18:23:37 ----A---- C:\WINDOWS\system32\MRT.INI
2010-10-01 18:02:32 ----A---- C:\WINDOWS\system32\MRT.exe
2010-10-01 18:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-10-01 17:59:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-10-01 17:58:55 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-10-01 17:57:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-10-01 17:57:05 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-10-01 17:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-10-01 17:55:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-10-01 17:54:22 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-10-01 17:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-10-01 17:52:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-10-01 17:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-10-01 17:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-10-01 17:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-10-01 17:48:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-10-01 17:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-10-01 17:47:35 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-10-01 17:46:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-10-01 17:45:46 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-10-01 17:43:20 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-10-01 16:28:25 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-10-01 16:20:33 ----D---- C:\WINDOWS\system32\PreInstall
2010-10-01 16:20:06 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-10-01 16:20:06 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-01 14:03:54 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-10-01 14:00:46 ----D---- C:\WINDOWS\Prefetch
2010-10-01 13:52:22 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-10-01 13:52:22 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-10-01 13:52:22 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2010-10-01 13:52:22 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ati3duag.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-10-01 13:52:20 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\credssp.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\azroles.dll
2010-10-01 13:52:19 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-10-01 13:52:18 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-10-01 13:52:17 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\mssha.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-10-01 13:52:16 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\onex.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\napstat.exe
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-10-01 13:52:15 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\slserv.exe
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\slgen.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\setupn.exe
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\qutil.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-10-01 13:52:14 ----N---- C:\WINDOWS\system32\qagent.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\wmphoto.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-10-01 13:52:13 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-10-01 13:52:12 ----N---- C:\WINDOWS\slrundll.exe
2010-10-01 13:52:10 ----D---- C:\WINDOWS\system32\de
2010-10-01 13:52:10 ----D---- C:\WINDOWS\system32\bits
2010-10-01 13:52:10 ----D---- C:\WINDOWS\l2schemas
2010-10-01 13:50:27 ----D---- C:\WINDOWS\ServicePackFiles
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2010-10-01 13:49:08 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2010-10-01 13:49:08 ----D---- C:\WINDOWS\network diagnostic
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-10-01 13:49:07 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-10-01 13:49:06 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2010-10-01 13:49:05 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-10-01 13:49:04 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2010-10-01 13:49:03 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-10-01 13:48:15 ----A---- C:\WINDOWS\002471_.tmp
2010-10-01 13:46:31 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-09-29 16:06:21 ----D---- C:\Programme\trend micro
2010-09-29 16:06:20 ----D---- C:\rsit
2010-09-28 17:57:56 ----A---- C:\WINDOWS\system32\drivers\pavboot.sys
2010-09-28 17:56:00 ----D---- C:\Programme\Panda Security
2010-09-28 17:47:08 ----SHD---- C:\found.001
2010-09-24 13:13:27 ----D---- C:\Programme\ESET
2010-09-24 01:16:41 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes
2010-09-21 20:33:42 ----D---- C:\WINDOWS\ERDNT
2010-09-21 20:33:04 ----D---- C:\Programme\ERUNT
2010-09-21 20:24:18 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-21 20:24:17 ----D---- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Malwarebytes
2010-09-21 20:24:16 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-09-21 20:24:16 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-21 20:16:29 ----D---- C:\Programme\Gemeinsame Dateien\iS3
2010-09-21 20:16:29 ----D---- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\STOPzilla!
2010-09-21 19:51:34 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\download2
2010-09-21 10:03:35 ----A---- C:\WINDOWS\system32\drivers\oopuhnpkpjv.sys
2010-09-20 21:35:06 ----D---- C:\Programme\Artisteer 2
2010-09-20 18:36:39 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Artisteer
2010-09-17 00:41:44 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WhiteSmokeTranslator
2010-09-17 00:40:25 ----D---- C:\Programme\Search Advisor

======List of files/folders modified in the last 1 months======

2010-10-10 12:34:56 ----D---- C:\WINDOWS\Temp
2010-10-10 12:34:56 ----A---- C:\WINDOWS\win.ini
2010-10-10 12:33:58 ----D---- C:\WINDOWS\system32
2010-10-09 22:44:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-09 19:07:25 ----SHD---- C:\WINDOWS\Installer
2010-10-09 19:06:51 ----D---- C:\WINDOWS
2010-10-09 19:06:44 ----SD---- C:\WINDOWS\Tasks
2010-10-08 16:05:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-08 16:05:04 ----D---- C:\WINDOWS\system32\drivers
2010-10-08 16:04:51 ----HD---- C:\WINDOWS\inf
2010-10-08 16:04:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-08 13:59:31 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe
2010-10-08 12:25:43 ----D---- C:\Programme
2010-10-08 00:08:34 ----SH---- C:\boot.ini
2010-10-08 00:08:34 ----A---- C:\WINDOWS\system.ini
2010-10-07 23:35:43 ----A---- C:\WINDOWS\imsins.BAK
2010-10-07 23:26:33 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dropbox
2010-10-07 17:50:07 ----D---- C:\Hotspot Shield
2010-10-05 16:48:05 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ICQ
2010-10-05 12:38:22 ----D---- C:\Programme\ICQ7.2
2010-10-04 15:42:22 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\CoreFTP
2010-10-04 12:33:37 ----D---- C:\Programme\Gemeinsame Dateien\Java
2010-10-04 12:32:38 ----D---- C:\Programme\Java
2010-10-04 09:42:10 ----D---- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\regid.1986-12.com.adobe
2010-10-03 20:15:23 ----RSD---- C:\WINDOWS\assembly
2010-10-03 20:12:33 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-03 12:39:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-03 01:00:17 ----D---- C:\WINDOWS\system32\CatRoot
2010-10-03 00:59:15 ----D---- C:\WINDOWS\WinSxS
2010-10-02 03:10:01 ----RSD---- C:\WINDOWS\Fonts
2010-10-02 03:09:15 ----D---- C:\WINDOWS\system32\spool
2010-10-02 03:05:01 ----D---- C:\WINDOWS\system32\mui
2010-10-02 03:05:01 ----D---- C:\Programme\Internet Explorer
2010-10-01 23:10:49 ----D---- C:\WINDOWS\system32\wbem
2010-10-01 23:10:49 ----D---- C:\WINDOWS\system32\de-DE
2010-10-01 23:10:49 ----D---- C:\WINDOWS\Help
2010-10-01 23:10:49 ----D---- C:\WINDOWS\AppPatch
2010-10-01 22:01:36 ----D---- C:\Programme\Messenger
2010-10-01 21:36:18 ----D---- C:\WINDOWS\WBEM
2010-10-01 21:35:51 ----D---- C:\WINDOWS\Media
2010-10-01 18:02:32 ----D---- C:\WINDOWS\Debug
2010-10-01 17:59:21 ----D---- C:\Programme\Outlook Express
2010-10-01 17:54:24 ----D---- C:\Programme\Movie Maker
2010-10-01 14:04:30 ----A---- C:\WINDOWS\OEWABLog.txt
2010-10-01 14:04:03 ----D---- C:\WINDOWS\SoftwareDistribution
2010-10-01 14:03:39 ----A---- C:\WINDOWS\setuplog.txt
2010-10-01 14:00:13 ----D---- C:\WINDOWS\system32\Setup
2010-10-01 13:58:34 ----D---- C:\WINDOWS\security
2010-10-01 13:52:29 ----D---- C:\Programme\Windows Media Player
2010-10-01 13:52:23 ----D---- C:\WINDOWS\ehome
2010-10-01 13:52:22 ----D---- C:\WINDOWS\system32\inetsrv
2010-10-01 13:52:22 ----D---- C:\WINDOWS\ime
2010-10-01 13:52:12 ----D---- C:\WINDOWS\system32\usmt
2010-10-01 13:52:10 ----D---- C:\WINDOWS\PeerNet
2010-10-01 13:50:19 ----D---- C:\WINDOWS\system32\Restore
2010-10-01 13:50:18 ----D---- C:\WINDOWS\system32\npp
2010-10-01 13:50:18 ----D---- C:\WINDOWS\msagent
2010-10-01 13:50:17 ----D---- C:\WINDOWS\srchasst
2010-10-01 13:50:16 ----D---- C:\Programme\NetMeeting
2010-10-01 13:50:15 ----D---- C:\WINDOWS\system32\Com
2010-10-01 13:50:14 ----D---- C:\Programme\Windows NT
2010-10-01 13:50:12 ----D---- C:\Programme\Gemeinsame Dateien\System
2010-10-01 13:50:04 ----D---- C:\WINDOWS\system32\oobe
2010-10-01 13:50:02 ----D---- C:\WINDOWS\system
2010-10-01 13:48:55 ----A---- C:\ntdetect.com
2010-09-30 16:25:00 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Skype
2010-09-30 16:02:44 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\skypePM
2010-09-28 17:35:15 ----A---- C:\WINDOWS\ntbtlog.txt
2010-09-21 21:54:50 ----D---- C:\WINDOWS\Minidump
2010-09-21 20:16:29 ----D---- C:\Programme\Gemeinsame Dateien
2010-09-21 13:02:26 ----D---- C:\Programme\LimeWire
2010-09-21 09:48:35 ----D---- C:\Programme\BitTorrent
2010-09-21 02:47:09 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\BitTorrent
2010-09-20 21:37:03 ----SD---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft
2010-09-17 10:30:14 ----D---- C:\Programme\Adobe
2010-09-17 10:29:13 ----HD---- C:\Programme\InstallShield Installation Information
2010-09-17 10:27:59 ----RD---- C:\Programme\Skype
2010-09-17 00:04:45 ----D---- C:\Programme\Mozilla Firefox
2010-09-16 13:08:22 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\foobar2000

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-13 98432]
R0 pavboot;pavboot; C:\WINDOWS\system32\drivers\pavboot.sys [2009-06-30 28552]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008]
R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-05-28 75096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2008-04-15 21248]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-12-31 12032]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R3 avgntflt;avgntflt; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-30 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-30 12928]
R3 tapvpn;TAP VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2008-01-23 27136]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S0 khqlmxop;khqlmxop; C:\WINDOWS\system32\drivers\oopuhnpkpjv.sys [2010-09-25 72320]
S2 ASInsHelp;ASInsHelp; \??\C:\WINDOWS\system32\drivers\AsInsHelp32.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Programme\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 SONYPVU1;Sony USB-Filtertreiber (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2009-09-15 32768]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-10-29 587096]
R2 AntiVirScheduler;AntiVir PersonalEdition Classic Planer; C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Programme\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Programme\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe [2007-05-08 2179072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 WTService;WTService; C:\WINDOWS\system32\atwtusb.exe [2007-08-31 364192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-14 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 SwitchBoard;SwitchBoard; C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 Adobe Version Cue CS3;Adobe Version Cue CS3 {de_DE} ; C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S4 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S4 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

--- --- ---

02.10.2010, 09:48	#18
Leonixx /// Helfer-Team	Trojaner an Board (Was ist qvyjea.exe bzw. qmadya.exe?) Nochmals Komplett Scan Malwarebytes. __________________

03.10.2010, 12:18	#20
Leonixx /// Helfer-Team	Trojaner an Board (Was ist qvyjea.exe bzw. qmadya.exe?) Möchte nochmals Logs von RSIT sehen.

09.10.2010, 10:02	#23
Leonixx /// Helfer-Team	Trojaner an Board (Was ist qvyjea.exe bzw. qmadya.exe?) Sorry für die verspätete Antwort. Noch nicht sauber. Checke diese Dateien bei Virustotal. C:\WINDOWS\itamuyosamavabow.dll C:\WINDOWS\msrcok32.dll C:\WINDOWS\system32\vlhyrhyj.exe

10.10.2010, 17:54	#25
Leonixx /// Helfer-Team	Trojaner an Board (Was ist qvyjea.exe bzw. qmadya.exe?) Müssen noch vorhanden sein, wenn sie im Logfile angezeigt werden. Hast du es über die Windows Suchfunktion versucht?

Trojaner an Board (Was ist qvyjea.exe bzw. qmadya.exe?)

Log-Analyse und Auswertung: Trojaner an Board (Was ist qvyjea.exe bzw. qmadya.exe?)