Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   trojaner, erfolgreich entfernt? (https://www.trojaner-board.de/81436-trojaner-erfolgreich-entfernt.html)

ollus 08.01.2010 14:55
trojaner, erfolgreich entfernt?
 
Hallo,

ich hoffe ich poste hier nicht doppelt (habe gesucht), ich hatte heute morgen einen automatischen Virenscanner auf meinem Rechner, der mir permanent Viren anzeigte. Ich habe den Namen vergessen, nach dem ich gegoogelt hatte fand ich heraus, dass es sich um ein russisches hacker Programm handeln soll. Nach weiterem googeln (u.a. auch hier) habe ich mir anti malware installiert und dieses durchlaufen lassen. Nun wollte ich mal dieses hier kontrollieren lassen und fragen ob alles okay ist:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:50:00, on 08.01.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\Programme\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Dell\MediaDirect\PCMService.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Programme\Creative\Mixer\CTSVolFE.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programme\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\pdf24\PDFBackend.exe
C:\Programme\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\COOLSP~1\PERSON~1\PID.EXE
C:\Programme\DAEMON Tools Lite\daemon.exe
C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Programme\Electronic Arts\EADM\Core.exe
C:\Programme\Digital Line Detect\DLG.exe
C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\PC Connectivity Solution\ServiceLayer.exe
C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\Programme\Java\jre1.6.0_05\bin\jucheck.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NavigationEnhancer - {391C0909-C026-3B63-FFDB-93FFF4E81675} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Programme\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S11D.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PDFPrint] "C:\Programme\pdf24\PDFBackend.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Personal ID] C:\COOLSP~1\PERSON~1\PID.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Programme\LimeWire\LimeWire.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: SecretCity 3DChat - {D401C3A2-12EF-4D1D-A086-F3AB10B565BF} - C:\PROGRA~1\SECRET~1\\SECRET~1.EXE (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9d56474f3b2c6) (gupdate1c9d56474f3b2c6) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 9370 bytes

Vielen Dank im vorraus, und wie gesagt ich hoffe ich langweile nicht durch evtl. doppelt postens.

ollus 09.01.2010 20:08
Ich habe das Board weiterhin studiert und gelesen. Das Programm hieß security tool, ich bin jetzt noch mehr beunruhigt, da ich von einem user schon gelesen habe, dass er einen blue screen hatte. Ist mein laptop immer noch infeziert?

Moritz009 09.01.2010 20:17
Hallo und :hallo:

Bei Dir fehlen wichtige Updates, wie Das SP3 und der Internet Explorer 8!

Bitte die folgenden Anweisungen gründlich lesen und in dieser Reihenfolge einhalten:

1.
Ich brauche mehr `Übersicht` bzw Daten über einen längeren Zeitraum - dazu bitte Versteckte - und Systemdateien sichtbar machen:
Für XP:
→ Klicke unter Start auf Arbeitsplatz.
→ Klicke im Menü Extras auf Ordneroptionen.
→ Dateien und Ordner/Erweiterungen bei bekannten Dateitypen ausblenden → Haken entfernen
→ Geschützte und Systemdateien ausblenden → Haken entfernen
→ Versteckte Dateien und Ordner/Alle Dateien und Ordner anzeigen → Haken setzen.
→ Bei "Geschützte Systemdateien ausblenden" darf kein Häkchen sein und "Alle Dateien und Ordner anzeigen" muss aktiviert sein.

Für Vista:
→Klicke unter Start auf "Computer"
→Nun oben links auf "Organisieren" →"Ordner und Suchoptionen" anwählen
→Auf den Reiter "Ansicht" klicken
→Bei den erweiterten Einstellungen bei "geschützte Systemdateien ausblenden (empfohlen)" das Häkchen rausnehmen.
→Nach weiter unten zu "Versteckte Dateien und Ordner" navigieren. →Dort "Alle Dateien und Ordner anzeigen" aktivieren.

2
Nun bitte Diese Liste für alle Neuen abarbeiten und die anfallenden Logfiles unter Punkt 2 posten.

3
Außerdem würde ich gerne deine installierten Programme sehen:
Da Du den CCleaner ja nun hast, bitte auf "Extras" klicken und dort auf "als Textdatei speichern" Nun wird eine txt. Datei an dem von Dir gewählten Ort erstellt. Poste bitte den Inhalt dieser Datei hier.

4
Bitte außerdem GMER ausführen und das Log posten.

Am besten postest du dies in Code-Tags, das heißt, vor dein Logfile schreibst du:["CODE"] und nach deinem Logfile dann:["/CODE"] . Bitte jeweils die " weg lassen .
So sieht das dann aus:
Code:
Hier kommt das Logfile rein...

ollus 09.01.2010 22:25
ich hoffe, ich habe es richtig gemacht

Code:
Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3515
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

09.01.2010 22:19:05
mbam-log-2010-01-09 (22-19-05).txt

Scan-Methode: Vollständiger Scan (C:\|)
Durchsuchte Objekte: 213114
Laufzeit: 1 hour(s), 36 minute(s), 32 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\System Volume Information\_restore{47D1BE9F-57E9-4A47-816D-B6CFD543C054}\RP396\A0056455.exe (Rogue.SecurityTool) -> Quarantined and deleted successfully.
Code:
Logfile of random's system information tool 1.06 (written by random/random)
Run by PC User at 2010-01-09 22:31:48
Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (9%) free of 74 GB
Total RAM: 1014 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:31:57, on 09.01.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\Programme\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Dell\MediaDirect\PCMService.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Programme\Creative\Mixer\CTSVolFE.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programme\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Programme\pdf24\PDFBackend.exe
C:\Programme\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\COOLSP~1\PERSON~1\PID.EXE
C:\Programme\DAEMON Tools Lite\daemon.exe
C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Programme\Electronic Arts\EADM\Core.exe
C:\Programme\Digital Line Detect\DLG.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\PC Connectivity Solution\ServiceLayer.exe
C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Dokumente und Einstellungen\PC User\Eigene Dateien\Downloads\RSIT(3).exe
C:\Programme\Trend Micro\HijackThis\PC User.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NavigationEnhancer - {391C0909-C026-3B63-FFDB-93FFF4E81675} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Programme\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S11D.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PDFPrint] "C:\Programme\pdf24\PDFBackend.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Personal ID] C:\COOLSP~1\PERSON~1\PID.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Programme\LimeWire\LimeWire.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: SecretCity 3DChat - {D401C3A2-12EF-4D1D-A086-F3AB10B565BF} - C:\PROGRA~1\SECRET~1\\SECRET~1.EXE (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9d56474f3b2c6) (gupdate1c9d56474f3b2c6) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 9453 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Klick-Wartung.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{391C0909-C026-3B63-FFDB-93FFF4E81675}]
NavigationEnhancer

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-21 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Programme\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll [2009-10-16 2101248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-05-20 1258808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-05-20 1258808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PCMService"=C:\Programme\Dell\MediaDirect\PCMService.exe [2007-05-02 184320]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2007-03-16 1392640]
"CTSVolFE.exe"=C:\Programme\Creative\Mixer\CTSVolFE.exe [2005-02-23 57344]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-03-30 138008]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-03-30 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-03-30 138008]
"SigmatelSysTrayApp"=C:\Programme\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504]
"SynTPEnh"=C:\Programme\Synaptics\SynTP\SynTPEnh.exe [2006-03-08 761947]
"IntelZeroConfig"=C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe [2007-10-08 995328]
"IntelWireless"=C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe [2007-10-08 1101824]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SunJavaUpdateSched"=C:\Programme\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2008-03-27 98304]
"EPSON Stylus DX4000 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-02-21 131072]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"PDFPrint"=C:\Programme\pdf24\PDFBackend.exe [2008-01-31 134144]
"SweetIM"=C:\Programme\SweetIM\Messenger\SweetIM.exe [2009-08-26 111928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"Personal ID"=C:\COOLSP~1\PERSON~1\PID.EXE [2009-04-02 1134008]
"DAEMON Tools Lite"=C:\Programme\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"PC Suite Tray"=C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-12 1414144]
"EA Core"=C:\Programme\Electronic Arts\EADM\Core.exe [2009-04-29 3338240]

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
Digital Line Detect.lnk - C:\Programme\Digital Line Detect\DLG.exe

C:\Dokumente und Einstellungen\PC User\Startmenü\Programme\Autostart
LimeWire On Startup.lnk - C:\Programme\LimeWire\LimeWire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-03-30 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Dell\MediaDirect\PCMService.exe"="C:\Programme\Dell\MediaDirect\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\Programme\ICQ6\ICQ.exe"="C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\coolspot\xcMessenger\xcMessenger.exe"="C:\coolspot\xcMessenger\xcMessenger.exe:*:Enabled:X-Check Messenger"
"C:\Programme\LimeWire\LimeWire.exe"="C:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Dokumente und Einstellungen\PC User\Desktop\installer-65601-32de-Total-Video-Converter-Deutsch.exe"="C:\Dokumente und Einstellungen\PC User\Desktop\installer-65601-32de-Total-Video-Converter-Deutsch.exe:*:Enabled:installer-65601-32de-Total-Video-Converter-Deutsch"
"C:\Programme\ICQ6.5\ICQ.exe"="C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Dokumente und Einstellungen\PC User\Anwendungsdaten\Facebook\facebook.exe"="C:\Dokumente und Einstellungen\PC User\Anwendungsdaten\Facebook\facebook.exe:127.0.0.1/255.255.255.255:Enabled:Facebook"
"C:\Programme\Ubisoft\Related Designs\ANNO 1404\Anno4.exe"="C:\Programme\Ubisoft\Related Designs\ANNO 1404\Anno4.exe:*:Enabled:ANNO 1404"
"C:\Programme\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe"="C:\Programme\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe:*:Enabled:Anno 1404 Web"
"C:\Programme\Electronic Arts\EADM\Core.exe"="C:\Programme\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Programme\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="C:\Programme\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{344539a0-7b78-11de-86b3-0015c5c2c837}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe 172-016-161-119.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{73a603cc-d763-11de-8819-0015c5c2c837}]
shell\AutoRun\command - F:\LaunchU3.exe -a


======List of files/folders created in the last 1 months======

2010-01-09 22:31:48 ----D---- C:\rsit
2010-01-09 20:34:26 ----D---- C:\Programme\CCleaner
2010-01-08 14:10:41 ----D---- C:\Programme\Trend Micro
2010-01-08 12:52:19 ----D---- C:\Dokumente und Einstellungen\PC User\Anwendungsdaten\Malwarebytes
2010-01-08 12:51:26 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-01-08 12:51:22 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-01-08 11:46:20 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
2010-01-08 11:29:21 ----D---- C:\Programme\Enigma Software Group
2010-01-01 14:50:05 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-01-01 10:05:04 ----A---- C:\WINDOWS\system32\muweb.dll
2010-01-01 10:05:04 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-01-01 10:05:04 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-12-31 17:48:22 ----HD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
2009-12-31 17:48:02 ----A---- C:\WINDOWS\system32\CNMLM99.DLL
2009-12-31 10:47:46 ----D---- C:\Programme\Microsoft
2009-12-31 10:47:28 ----D---- C:\Programme\Windows Live SkyDrive
2009-12-31 10:47:01 ----D---- C:\Programme\Windows Live
2009-12-31 10:42:47 ----D---- C:\Programme\Gemeinsame Dateien\Windows Live

======List of files/folders modified in the last 1 months======

2010-01-09 22:29:40 ----D---- C:\Dokumente und Einstellungen\PC User\Anwendungsdaten\LimeWire
2010-01-09 22:29:23 ----D---- C:\Programme\Mozilla Firefox
2010-01-09 22:28:49 ----D---- C:\WINDOWS\Temp
2010-01-09 22:28:10 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-09 22:28:05 ----SD---- C:\WINDOWS\Tasks
2010-01-09 22:28:05 ----D---- C:\WINDOWS
2010-01-09 22:28:03 ----D---- C:\MDT
2010-01-09 22:27:55 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt
2010-01-09 22:27:13 ----D---- C:\WINDOWS\system32\drivers
2010-01-09 22:26:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-09 22:26:11 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2010-01-09 21:31:01 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-01-09 21:31:01 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-09 21:30:50 ----HD---- C:\WINDOWS\inf
2010-01-09 20:34:26 ----RD---- C:\Programme
2010-01-09 20:29:21 ----D---- C:\WINDOWS\Debug
2010-01-09 20:29:18 ----D---- C:\WINDOWS\Minidump
2010-01-09 20:09:10 ----D---- C:\Dokumente und Einstellungen\PC User\Anwendungsdaten\ICQ
2010-01-09 13:32:38 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google Updater
2010-01-08 14:38:26 ----D---- C:\Programme\Gemeinsame Dateien
2010-01-08 14:38:25 ----SHD---- C:\Config.Msi
2010-01-08 14:38:25 ----D---- C:\WINDOWS\system32
2010-01-08 14:37:54 ----HDC---- C:\WINDOWS\$NtUninstallKB941568$
2010-01-08 12:51:52 ----D---- C:\WINDOWS\Prefetch
2010-01-08 11:49:38 ----SHD---- C:\WINDOWS\Installer
2010-01-08 11:49:23 ----D---- C:\WINDOWS\WinSxS
2010-01-08 11:10:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-05 16:26:52 ----D---- C:\Programme\LimeWire
2010-01-05 07:23:12 ----D---- C:\Programme\Google
2010-01-03 23:41:42 ----A---- C:\WINDOWS\easyprint.INI
2010-01-03 20:38:43 ----D---- C:\Programme\IKEA HomePlanner
2010-01-02 13:02:42 ----D---- C:\WINDOWS\system32\wbem
2010-01-02 13:02:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-02 10:42:55 ----A---- C:\WINDOWS\win.ini
2010-01-01 14:47:32 ----RSD---- C:\WINDOWS\Fonts
2010-01-01 14:46:58 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared
2010-01-01 11:50:42 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-31 17:48:44 ----D---- C:\WINDOWS\system32\FxsTmp
2009-12-31 10:49:33 ----SD---- C:\Dokumente und Einstellungen\PC User\Anwendungsdaten\Microsoft
2009-12-31 10:47:33 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
2009-12-29 11:26:01 ----D---- C:\Programme\ICQ6.5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-04-28 96104]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40192]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-10 28520]
R1 WmiAcpi;Microsoft Windows-Verwaltungsschnittstelle für ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-03-25 21361]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-10-17 281760]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-08 56816]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-10-17 25888]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-04 12544]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R2 s24trans;WLAN-Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-08-27 12288]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-11-21 45568]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys [2005-12-01 936960]
R3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2005-12-01 192512]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-03-30 5704672]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 NETw4x32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-09-26 2236032]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 NWADI;NWADI Bus Enumerator; C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2006-03-27 74752]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-08 191872]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-12-01 669696]
S3 61883;61883-Einheitsgerät; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Avc;AVC-Gerät; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 ayskyad0;ayskyad0; C:\WINDOWS\system32\drivers\ayskyad0.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2006-04-10 18560]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sffdisk;SFF-Speicherklassentreiber; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-04 11136]
S3 sffp_sd;SFF-Speicherprotokolltreiber für SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-04 10240]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-06-10 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-08-12 185089]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Programme\Intel\Wireless\Bin\EvtEng.exe [2007-10-08 794624]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [2005-06-20 53248]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Programme\Intel\Wireless\Bin\RegSrvc.exe [2007-10-08 483328]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Programme\Intel\Wireless\Bin\S24EvMon.exe [2007-10-08 1183744]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Programme\Intel\Wireless\Bin\WLKeeper.exe [2007-10-08 356352]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2007-03-16 20480]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-04 268800]
S2 gupdate1c9d56474f3b2c6;Google Update Service (gupdate1c9d56474f3b2c6); C:\Programme\Google\Update\GoogleUpdate.exe [2009-05-15 133104]
S2 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-21 183280]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-05-14 361728]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]

-----------------EOF-----------------
Code:
info.txt logfile of random's system information tool 1.06 2010-01-09 22:32:00

======Uninstall list======

-->C:\Programme\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7E9BE6D1-680B-49B2-A2B0-CBC32D20DF04}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{AA2CA846-C6DB-4468-B291-18D4BA359656}\setup.exe" -l0x7
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A91000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
ANNO 1404-->"C:\Programme\InstallShield Installation Information\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}\setup.exe" -runfromtemp -l0x0007 -removeonly
ANNO 1503-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}\Setup.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Broadcom 440x 10/100 Integrated Controller-->MsiExec.exe /X{612B9183-67A9-4B44-9877-2F059E35B86A}
Broadcom Management Programs-->MsiExec.exe /I{C99C0593-3B48-41D9-B42F-6E035B320449}
CCleaner-->"C:\Programme\CCleaner\uninst.exe"
Conexant HDA D110 MDC V.92 Modem-->C:\Programme\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028p.inf
Dell Mobile Broadband Card Utility-->MsiExec.exe /X{DF62D775-BB7C-4AFA-9CA4-DDA1C4855F28}
Dell Wireless WLAN Card-->"C:\Programme\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Programme\Dell\Dell Wireless WLAN Card"
Digital Line Detect-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x7 ControlPanel
EA Download Manager-->C:\Programme\Electronic Arts\EADM\Uninstall.exe
EA.com Matchup-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2F173C40-563E-11D4-89C5-0010ADDAAC33}\setup.exe"  -l0x0 Uninstall
EA.com Update-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}\setup.exe"  -l0x0 Uninstall
ElsterFormular 2008/2009-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}\setup.exe" -l0x7  -removeonly
EPSON Scan-->C:\Programme\epson\escndv\setup\setup.exe /r
EPSON-Drucker-Software-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Facebook Desktop-->C:\Dokumente und Einstellungen\PC User\Anwendungsdaten\Facebook\uninstall.exe
FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Earth-->MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
Google Gears-->MsiExec.exe /I{BC2FE771-EDBE-3087-A676-2B6C45A2BF7E}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater-->"C:\Programme\Google\Google Updater\GoogleUpdater.exe" -uninstall
Handball Manager 2010-->"C:\Programme\HandballManager2010\SETUP\setup.exe" /u
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Hotfix für Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
ICQ6.5-->"C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
IKEA Home Planner-->MsiExec.exe /I{AFA9D219-A7FD-4240-8793-E5C7C9D715F4}
Indeo® software-->C:\WINDOWS\IsUninst.exe -fC:\Programme\Intel\Indeo\Uninst.isu
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
LimeWire 5.4.6-->"C:\Programme\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
MediaDirect-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\Setup.exe" -l0x7  -cluninstall
mHlpDell-->MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
Mixer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7E9BE6D1-680B-49B2-A2B0-CBC32D20DF04}\setup.exe" -l0x7  /remove
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.5.7)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mWMI-->MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
NavigationEnhancer-->C:\Programme\NavigationEnhancer\uninstall.exe
Nero Suite-->C:\Programme\Gemeinsame Dateien\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
Nokia PC Suite-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Nokia_PC_Suite_7_1_30_8_ger.exe
Nokia PC Suite-->MsiExec.exe /I{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}
OutlookAddinSetup-->MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}
PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
pdf24-->"C:\Programme\pdf24\unins000.exe"
PDFCreator-->C:\Programme\PDFCreator\unins000.exe
Personal ID-->"C:\COOLSP~1\PERSON~1\Uninstall.exe" "C:\COOLSP~1\PERSON~1\install.log" -u
Pixum EasyBook-->"C:\Programme\Pixum\Pixum EasyBook\uninstall.exe"
Pixum EasyPrint 1.2-->C:\Programme\Pixum AG\Pixum EasyPrint\uninstall.exe
Pixum ePrint 1.2-->C:\Programme\Diginet\Pixum ePrint\uninstall.exe
Pro Evolution Soccer 2010-->MsiExec.exe /X{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}
ProtectDisc Driver, Version 11-->C:\Programme\ProtectDisc Driver Installer\uninstall_v11.exe
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sicherheitsupdate für Windows Media Encoder (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 9 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Sicherheitsupdate für Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB944533)-->"C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971032)-->"C:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
SigmaTel Audio-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x7 -remove -removeonly
SmartSound Quicktracks Plugin-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sound Blaster Audigy ADVANCED MB Demo-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{AA2CA846-C6DB-4468-B291-18D4BA359656}\setup.exe" -l0x7  /remove
SweetIM for Messenger 2.7-->MsiExec.exe /X{EC87E256-B0A4-4A41-8682-AB57FF21196D}
SweetIM Toolbar for Internet Explorer 3.4-->MsiExec.exe /X{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Programme\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Total Video Converter 3.12 080330-->"C:\Programme\Total Video Converter\unins000.exe"
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
UEFA EURO 2008™-->MsiExec.exe /X{DE3FCA5F-7B8A-482B-89A9-CC9BD5F656A1}
Ulead VideoStudio 8.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{4F1DA6BF-3614-48A1-9970-9E90F646789E}\setup.exe" -l0x7
Unity Web Player-->C:\Programme\Unity\WebPlayer\Uninstall.exe
Update für Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update für Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update für Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update für Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update für Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update für Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update für Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update für Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update für Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update für Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update für Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Update für Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update für Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update für Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update für Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update für Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update für Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update für Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update für Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
Wichtiges Update für Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Programme\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Encoder 9-Reihe-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9-Reihe-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP-Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP-Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP-Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP-Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP-Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP-Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP-Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows-Treiberpaket - Nokia Modem  (06/01/2009 4.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_C08496D7A0050438DFE13C55799AE2D4157A8E7A\nokia_bluetooth.inf
Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_9C48E34C57B7D4AAE5FFF5FB9B476B538394FD30\nokbtmdm.inf
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Windows-Treiberpaket - Ricoh Company (rimsptsk) hdc  (11/14/2006 6.00.01.04)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\dpinst.exe /us C:\PROGRA~1\DIFX\UninstallScripts\4569969E1360D2854474C661EF9B4D54F143EB16
WinRAR-->C:\Programme\WinRAR\uninstall.exe
WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}

======Hosts File======

127.0.0.1        localhost

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: PRIVAT-9CD2D486
Event Code: 4201
Message: Netzwerkadapter "\DEVICE\TCPIP_{59C75092-A6FE-42DB-89B8-A6D73B0E3834}" wurde mit dem Netzwerk verbunden, und das
System wurde über das Netzwerk im normalen Zustand gestartet.

Record Number: 68562
Source Name: Tcpip
Time Written: 20091220100220.000000+060
Event Type: Informationen
User:

Computer Name: PRIVAT-9CD2D486
Event Code: 7036
Message: Dienst "ServiceLayer" befindet sich jetzt im Status "Ausgeführt".

Record Number: 68561
Source Name: Service Control Manager
Time Written: 20091220100219.000000+060
Event Type: Informationen
User:

Computer Name: PRIVAT-9CD2D486
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "ServiceLayer" gesendet.

Record Number: 68560
Source Name: Service Control Manager
Time Written: 20091220100218.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: PRIVAT-9CD2D486
Event Code: 7036
Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Beendet".

Record Number: 68559
Source Name: Service Control Manager
Time Written: 20091220100215.000000+060
Event Type: Informationen
User:

Computer Name: PRIVAT-9CD2D486
Event Code: 7036
Message: Dienst "Konfigurationsfreie drahtlose Verbindung" befindet sich jetzt im Status "Beendet".

Record Number: 68558
Source Name: Service Control Manager
Time Written: 20091220100210.000000+060
Event Type: Informationen
User:

=====Application event log=====

Computer Name: PRIVAT-9CD2D486
Event Code: 2002
Message:
Record Number: 25563
Source Name: EAPOL
Time Written: 20091013155153.000000+120
Event Type: Informationen
User:

Computer Name: PRIVAT-9CD2D486
Event Code: 2003
Message:
Record Number: 25562
Source Name: EAPOL
Time Written: 20091013155153.000000+120
Event Type: Informationen
User:

Computer Name: PRIVAT-9CD2D486
Event Code: 0
Message:
Record Number: 25561
Source Name: gusvc
Time Written: 20091013155150.000000+120
Event Type: Informationen
User:

Computer Name: PRIVAT-9CD2D486
Event Code: 0
Message:
Record Number: 25560
Source Name: gupdate1c9d56474f3b2c6
Time Written: 20091013155126.000000+120
Event Type: Informationen
User:

Computer Name: PRIVAT-9CD2D486
Event Code: 4096
Message: Der AntiVir Dienst wurde erfolgreich gestartet!

Record Number: 25559
Source Name: Avira AntiVir
Time Written: 20091013155055.000000+120
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Programme\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
Code:
Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        10.0.32.18
Adobe Flash Player ActiveX        Adobe Systems Incorporated        9.0.124.0
Adobe Reader 9.1 - Deutsch        Adobe Systems Incorporated        9.1.0
Adobe Shockwave Player        Adobe Systems, Inc.        10.2.0.22
ANNO 1404        Ubisoft        1.00.0000
ANNO 1503               
Avira AntiVir Personal - Free Antivirus        Avira GmbH       
Broadcom 440x 10/100 Integrated Controller        Broadcom Corporation        10.04.01
Broadcom Management Programs        Broadcom Corporation        10.15.03
CCleaner        Piriform        2.27
Conexant HDA D110 MDC V.92 Modem               
Dell Mobile Broadband Card Utility        Novatel Wireless        2.01.19.14
Dell Wireless WLAN Card        Dell Inc.        4.100.15.8
Digital Line Detect        BVRP Software, Inc        1.15
EA Download Manager        Electronic Arts, Inc.        5.0.0.288
EA.com Matchup               
EA.com Update               
ElsterFormular 2008/2009        Steuerverwaltung des Bundes und der Länder        10.2.1.0
EPSON Scan               
EPSON-Drucker-Software               
Facebook Desktop               
FIFA 10        Electronic Arts        1.0.0.0
GameSpy Arcade               
Google Earth        Google        5.1.7894.7252
Google Gears        Google        0.5.3300
Google Updater        Google Inc.        2.4.1536.6592
Handball Manager 2010        netmin games       
High Definition Audio Driver Package - KB888111        Microsoft Corporation        20040219.000000
HijackThis 2.0.2        TrendMicro        2.0.2
ICQ6.5        ICQ        6.5
IKEA Home Planner        IKEA IT        2.0.1
Indeo® software               
Intel(R) Graphics Media Accelerator Driver               
Intel(R) PROSet/Wireless Software        Intel Corporation        11.5.0000
Java(TM) 6 Update 5        Sun Microsystems, Inc.        1.6.0.50
LimeWire 5.4.6        Lime Wire, LLC        5.4.6
Malwarebytes' Anti-Malware        Malwarebytes Corporation       
MediaDirect        Dell        4.7
Microsoft Compression Client Pack 1.0 for Windows XP        Microsoft Corporation        1
Microsoft Office Professional Edition 2003        Microsoft Corporation        11.0.8173.0
Microsoft User-Mode Driver Framework Feature Pack 1.5        Microsoft Corporation       
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        8.0.56336
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        9.0.30729
Mixer               
Mozilla Firefox (3.5.7)        Mozilla        3.5.7 (de)
MSXML 4.0 SP2 (KB936181)        Microsoft Corporation        4.20.9848.0
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        4.20.9876.0
MSXML 6 Service Pack 2 (KB973686)        Microsoft Corporation        6.20.2003.0
NavigationEnhancer               
Nero Suite               
Nokia Connectivity Cable Driver        Nokia        7.1.17.0
Nokia PC Suite        Nokia        7.1.30.8
OutlookAddinSetup        CyberLink        1.0.0
PC Connectivity Solution        Nokia        9.23.3.0
pdf24        PDF24.org       
PDFCreator        Frank Heindörfer, Philip Chinery        0.9.8
Personal ID        coolspot AG        1.8.5
Pixum EasyBook               
Pixum EasyPrint 1.2        Diginet GmbH & Co. KG        1.2.5100.10000
Pixum ePrint 1.2        Diginet GmbH & Co. KG        1.2.5105.10000
Pro Evolution Soccer 2010        KONAMI        1.00.0000
ProtectDisc Driver, Version 11        ProtectDisc Software GmbH        11.0.0.12
QuickTime               
Sicherheitsupdate für Windows Media Encoder (KB954156)        Microsoft Corporation       
SigmaTel Audio        SigmaTel        5.10.5210.0
Skat-Online V7        Skat.com, c/o Markus Riehl       
SmartSound Quicktracks Plugin        SmartSound Software Inc.        3.0.1.2
Sound Blaster Audigy ADVANCED MB Demo               
SweetIM for Messenger 2.7        SweetIM Technologies Ltd.        2.7.0009
SweetIM Toolbar for Internet Explorer 3.4        SweetIM Technologies Ltd.        3.4.0010
Synaptics Pointing Device Driver        Synaptics        8.2.4.6
Total Video Converter 3.12 080330        EffectMatrix Inc.       
TuneUp Utilities 2008        TuneUp Software        7.0.8009
UEFA EURO 2008™        Electronic Arts        1.0.1.1
Ulead VideoStudio 8.0        Ulead System        8.0
Unity Web Player        Unity Technologies ApS        2.0.2f2_13444
Windows Installer 3.1 (KB893803)        Microsoft Corporation        3.1
Windows Live Anmelde-Assistent        Microsoft Corporation        5.000.818.5
Windows Live Essentials        Microsoft Corporation        14.0.8089.0726
Windows Live-Uploadtool        Microsoft Corporation        14.0.8014.1029
Windows Media Encoder 9-Reihe               
Windows Media Format 11 runtime               
Windows Media Player 11               
Windows-Treiberpaket - Nokia Modem  (06/01/2009 4.1)        Nokia        06/01/2009 4.1
Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.3)        Nokia        06/01/2009 7.01.0.3
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)        Nokia        08/22/2008 7.0.0.0
Windows-Treiberpaket - Ricoh Company (rimsptsk) hdc  (11/14/2006 6.00.01.04)        Ricoh Company        11/14/2006 6.00.01.04
WinRAR               
WinZip 11.1        WinZip Computing, S.L.        11.1.7466g
vielen Dank schon einmal, ich werde das SP3 installieren.

Moritz009 09.01.2010 22:49
Hallo,

du kannst auch alle Logfiles auch in eine Datei zippen (z.B. mit WinZip) und bei www.file-upload.net hochladen und hier den Link zum Download posten :) .

ollus 10.01.2010 12:06
ich hoffe ich brauche es nicht noch einmal durchzuführen

Moritz009 10.01.2010 12:54
Hi,

nein, brauchst du natürlich nicht, habe gerade erst deinen Edit gesehn :) .
Allerdings fehlt noch GMER, in meinem letzten Post der letzte Punkt. Bitte noch nachreichen. Liebe Grüße,

Moritz

ollus 10.01.2010 17:43
Was für ein Akt, nach zahlreichen Abstürzen endlich geschafft:

Code:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-10 17:13:43
Windows 5.1.2600 Service Pack 3
Running: z241bt09.exe; Driver: C:\DOKUME~1\PCUSER~1\LOKALE~1\Temp\agpdafog.sys


---- System - GMER 1.0.15 ----

SSDT            F7BF6D16                                                                                                            ZwCreateKey
SSDT            F7BF6D0C                                                                                                            ZwCreateThread
SSDT            F7BF6D1B                                                                                                            ZwDeleteKey
SSDT            F7BF6D25                                                                                                            ZwDeleteValueKey
SSDT            spdr.sys                                                                                                            ZwEnumerateKey [0xF73DBCA2]
SSDT            spdr.sys                                                                                                            ZwEnumerateValueKey [0xF73DC030]
SSDT            F7BF6D2A                                                                                                            ZwLoadKey
SSDT            spdr.sys                                                                                                            ZwOpenKey [0xF73BD0C0]
SSDT            F7BF6CF8                                                                                                            ZwOpenProcess
SSDT            F7BF6CFD                                                                                                            ZwOpenThread
SSDT            spdr.sys                                                                                                            ZwQueryKey [0xF73DC108]
SSDT            spdr.sys                                                                                                            ZwQueryValueKey [0xF73DBF88]
SSDT            F7BF6D34                                                                                                            ZwReplaceKey
SSDT            F7BF6D2F                                                                                                            ZwRestoreKey
SSDT            F7BF6D20                                                                                                            ZwSetValueKey
SSDT            F7BF6D07                                                                                                            ZwTerminateProcess

INT 0x62        ?                                                                                                                    86567BF8
INT 0x82        ?                                                                                                                    86567BF8
INT 0x84        ?                                                                                                                    865D7BF8
INT 0x94        ?                                                                                                                    865D7BF8
INT 0xA4        ?                                                                                                                    865D7BF8

---- Kernel code sections - GMER 1.0.15 ----

?              spdr.sys                                                                                                            Das System kann die angegebene Datei nicht finden. !
.text          USBPORT.SYS!DllUnload                                                                                                F610A8AC 5 Bytes  JMP 865D71D8
.text          ac6sjq4q.SYS                                                                                                        F5FF0386 35 Bytes  [00, 00, 00, 00, 00, 00, 20, ...]
.text          ac6sjq4q.SYS                                                                                                        F5FF03AA 24 Bytes  [00, 00, 00, 00, 00, 00, 00, ...]
.text          ac6sjq4q.SYS                                                                                                        F5FF03C4 3 Bytes  [00, 70, 02] {ADD [EAX+0x2], DH}
.text          ac6sjq4q.SYS                                                                                                        F5FF03C9 1 Byte  [2E]
.text          ac6sjq4q.SYS                                                                                                        F5FF03C9 11 Bytes  [2E, 00, 00, 00, 5A, 02, 00, ...]
.text          ...                                                                                                                 
.reloc          C:\WINDOWS\system32\drivers\acedrv11.sys                                                                            section is executable [0xA9BFC300, 0x25D4C, 0xE0000060]
.text          C:\WINDOWS\system32\DRIVERS\atksgt.sys                                                                              section is writeable [0xA9B75300, 0x3B6D8, 0xE8000020]
.text          C:\WINDOWS\system32\DRIVERS\lirsgt.sys                                                                              section is writeable [0xF799D300, 0x1BEE, 0xE8000020]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT            atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                                  [F73BE040] spdr.sys
IAT            atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                                          [F73BE13C] spdr.sys
IAT            atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                                  [F73BE0BE] spdr.sys
IAT            atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                                          [F73BE7FC] spdr.sys
IAT            atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                                  [F73BE6D2] spdr.sys
IAT            \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                                  [F73CE048] spdr.sys
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!KfAcquireSpinLock]                                                C0840CEC
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!READ_PORT_UCHAR]                                                  053C0D74
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!KeGetCurrentIrql]                                                  57B80974
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!KfRaiseIrql]                                                      8B000000
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!KfLowerIrql]                                                      56C35DE5
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!HalGetInterruptVector]                                            8D08758B
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!HalTranslateBusAddress]                                            8D51FC4D
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!KeStallExecutionProcessor]                                        8D52FD55
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!KfReleaseSpinLock]                                                8D51FE4D
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!READ_PORT_BUFFER_USHORT]                                          8D52FF55
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!READ_PORT_USHORT]                                                  8D51F84D
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                          5052F455
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[HAL.dll!WRITE_PORT_UCHAR]                                                  EACAE856
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[WMILIB.SYS!WmiSystemControl]                                              0FC08520
IAT            \SystemRoot\System32\Drivers\ac6sjq4q.SYS[WMILIB.SYS!WmiCompleteRequest]                                            0001B185

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                              865D61F8

AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass0                                                                              SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device          \Driver\NetBT \Device\NetBT_Tcpip_{59C75092-A6FE-42DB-89B8-A6D73B0E3834}                                            848D11F8
Device          \Driver\usbuhci \Device\USBPDO-0                                                                                    863851F8
Device          \Driver\PCI_PNP8414 \Device\00000051                                                                                spdr.sys
Device          \Driver\PCI_PNP8414 \Device\00000051                                                                                spdr.sys
Device          \Driver\dmio \Device\DmControl\DmIoDaemon                                                                            865D81F8
Device          \Driver\dmio \Device\DmControl\DmConfig                                                                              865D81F8
Device          \Driver\dmio \Device\DmControl\DmPnP                                                                                865D81F8
Device          \Driver\dmio \Device\DmControl\DmInfo                                                                                865D81F8
Device          \Driver\usbuhci \Device\USBPDO-1                                                                                    863851F8
Device          \Driver\usbuhci \Device\USBPDO-2                                                                                    863851F8
Device          \Driver\sptd \Device\1745023414                                                                                      spdr.sys
Device          \Driver\usbuhci \Device\USBPDO-3                                                                                    863851F8
Device          \Driver\usbehci \Device\USBPDO-4                                                                                    863571F8
Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                                              865681F8
Device          \Driver\Ftdisk \Device\HarddiskVolume2                                                                              865681F8
Device          \Driver\Cdrom \Device\CdRom0                                                                                        862CA1F8
Device          \Driver\Cdrom \Device\CdRom1                                                                                        862CA1F8
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                                          [F7310B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort0                                                                                  [F7310B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort1                                                                                  [F7310B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e                                                                          [F7310B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\Ftdisk \Device\HarddiskVolume3                                                                              865681F8
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                              848D11F8
Device          \Driver\NetBT \Device\NetbiosSmb                                                                                    848D11F8
Device          \Driver\usbuhci \Device\USBFDO-0                                                                                    863851F8
Device          \Driver\usbuhci \Device\USBFDO-1                                                                                    863851F8
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                    848CA1F8
Device          \Driver\usbuhci \Device\USBFDO-2                                                                                    863851F8
Device          \FileSystem\MRxSmb \Device\LanmanRedirector                                                                          848CA1F8
Device          \Driver\usbuhci \Device\USBFDO-3                                                                                    863851F8
Device          \Driver\usbehci \Device\USBFDO-4                                                                                    863571F8
Device          \Driver\Ftdisk \Device\FtControl                                                                                    865681F8
Device          \Driver\NetBT \Device\NetBT_Tcpip_{00EBD39A-85D8-44AE-96CE-4EFEFB9E4F2E}                                            848D11F8
Device          \Driver\ac6sjq4q \Device\Scsi\ac6sjq4q1                                                                              862C91F8
Device          \Driver\ac6sjq4q \Device\Scsi\ac6sjq4q1Port2Path0Target0Lun0                                                        862C91F8
Device          \FileSystem\Fastfat \Fat                                                                                            845C91F8
Device          \FileSystem\Fastfat \Fat                                                                                            A8E3C297

AttachedDevice  \FileSystem\Fastfat \Fat                                                                                            fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device          \FileSystem\Cdfs \Cdfs                                                                                              8483F500

---- Registry - GMER 1.0.15 ----

Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                  771343423
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                  285507792
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                  1
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                                   
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                  C:\Programme\DAEMON Tools Lite\
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                  0
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                              0xF2 0x10 0x71 0x0A ...
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001                           
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                      0xEC 0x57 0x09 0xFF ...
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40                     
Reg            HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                0xC3 0xEF 0x81 0x6B ...
Reg            HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)               
Reg            HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      C:\Programme\DAEMON Tools Lite\
Reg            HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg            HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                  0xF2 0x10 0x71 0x0A ...
Reg            HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)       
Reg            HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg            HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0xEC 0x57 0x09 0xFF ...
Reg            HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) 
Reg            HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0xC3 0xEF 0x81 0x6B ...
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)               
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      C:\Programme\DAEMON Tools Lite\
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                  0xF2 0x10 0x71 0x0A ...
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)       
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0xEC 0x57 0x09 0xFF ...
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) 
Reg            HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0xC3 0xEF 0x81 0x6B ...
Reg            HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)               
Reg            HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      C:\Programme\DAEMON Tools Lite\
Reg            HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg            HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                  0xF2 0x10 0x71 0x0A ...
Reg            HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)       
Reg            HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg            HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0xEC 0x57 0x09 0xFF ...
Reg            HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) 
Reg            HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0xC3 0xEF 0x81 0x6B ...

---- EOF - GMER 1.0.15 ----


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:10 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19