Trojaner-Board - MSN Virus IM-Worm.win32.agent.ve

Guten Tag

Ich habe vor ein Paar Tagen ein Mail mit folgender Nachricht bekommen:

******************************************************
Heyy Hiii :]]
I know what you did to me..
So!! you must take a look below and find what i wana show ya. heh...

get me here.

******************************************************

"get me here" beinhaltet einen Link zu

hxxp://u.nu/7i32a

Hinter diesem Short-Url verbirgt sich :

hxxp://75.102.9.36/IMAGE46453-facebook.com.JPG.jpg.exe

Da es von einer guten Kollegin von mir ist öffnete ich die Datei.
Und nun , voila eine Woche später zeigt mir Kaspersky internet Security 2010
2 Verseuchte Dateien :

*********************************************

IMAGE46453-facebook.com.JPG.jpg.exe
infocard.exe

*********************************************

Ich habe die beiden Dateien gelöscht.
( infocard.exe ist doch von Windows Live Card Space oder so?)

Danach habe ich OTL laufen Lassen.

Ergebniss datei Extras.txt

***********************************************
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 27.05.2010 17:01:10 - Run 1

OTL by OldTimer - Version 3.2.5.0     Folder = C:\Users\***\Downloads

 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy

 

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 49.00% Memory free

6.00 Gb Paging File | 4.00 Gb Available in Paging File | 71.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 281.28 Gb Total Space | 154.22 Gb Free Space | 54.83% Space Free | Partition Type: NTFS

Drive D: | 11.93 Gb Total Space | 1.91 Gb Free Space | 16.05% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Drive X: | 4.88 Gb Total Space | 4.57 Gb Free Space | 93.57% Space Free | Partition Type: NTFS

 

Computer Name: ***

Current User Name: ***

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [runas] -- cmd.exe /c takeown /f "%1" && icacls "%1" /grant administrators:F (Microsoft Corporation)

Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring" = 1

"" = 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51

"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool

"{12F3BB85-62FB-476D-AAB9-9AB94AF864D4}" = Network Printer Wizard

"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2

"{2ADB5A6B-F8CE-4459-B89E-5E2FF2F26F64}" = Multimedia Card Reader

"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons

"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor

"{38C9BDE0-59DB-4DE0-B4C9-AB2A6258108C}" = Löwenzahn 1

"{3D339202-76E6-4815-89D0-B59A8654B812}" = Loewenzahn 2

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR

"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger

"{49D41303-D839-40B5-9244-EED5C93C1EA0}" = Loewenzahn Lexikon

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{55ADF430-E207-4683-943B-ACC7182ED71C}" = On s'entraîne 7

"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software

"{5C3E7880-7F8B-4A06-A3C3-95509F092161}" = HP MediaSmart SmartMenu

"{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3

"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call

"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta

"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV

"{676B241C-AED4-400B-98FF-267773B94B11}_is1" = QuickFreedom 1.2.0

"{67E9E6C6-ECEF-4195-B719-8788754297C6}" = inSSIDer

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder

"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2

"{71702641-2849-45A4-8E62-4B85974B24A0}_is1" = BumpTop

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{7426D8C8-7323-4A3D-9F94-2465B95C26B5}" = TVCenter

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{7BEF3442-262D-4316-9367-8D6AED374A4D}" = Networking USB Server

"{7CFC17CE-0A66-46B0-BA57-BF8AB674BF5C}" = Loewenzahn 6

"{7FD7F421-39B2-4CAC-BC41-7D83DDBAB329}" = HP 3D DriveGuard

"{8174AEA7-A8D5-450D-8340-51D409CA4D76}" = Sun VirtualBox

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour

"{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}" = DigitalPersona Personal 4.01

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010

"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9CCF5C3-4E30-42E6-992F-3D257B01E292}" = Loewenzahn 3

"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch

"{AD52574F-DE61-D435-93BE-C609634C0845}" = The Simpsons Unleashed

"{ADEBB98C-DCD0-4369-BC4A-71B342CF55B2}" = HT Fireman CD/DVD Burner

"{AE9E39ED-A41A-40D4-B4CD-858A6E41D881}" = Loewenzahn 4

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B94C6815-7BCC-4124-AC39-9208A06FFFA7}" = Disney-Pixar Ratatouille

"{BB1DFC2A-8B34-4632-B3B3-AD037E500A00}" = Multimedia Card Reader

"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3

"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser

"{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited

"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{D3D1D696-84A8-465A-BC61-CDAC852B24CD}_is1" = Pod Photo Transfer, v2.2

"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI

"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"{DDBB7C89-1A09-441E-AA0F-6AA465755C17}" = REALTEK DTV USB DEVICE

"{DE470016-1C64-11D5-982A-0050DA602C65}" = Löwenzahn 5

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F1415AF6-E4ED-4C12-A1A0-08B80177E96D}" = UpdateStar

"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL

"{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1" = AntiBrowserSpy

"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth

"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"7-Zip" = 7-Zip 9.10 beta

"Accent OFFICE Password Recovery" = Accent OFFICE Password Recovery 3.50

"Adobe AIR" = Adobe AIR

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Adventure Maker v4.5.2_is1" = Adventure Maker v4.5.2 (build1)

"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010

"ASIO4ALL" = ASIO4ALL

"Banana60_is1" = Banana Buchhaltung 6.0

"BitTorrent" = BitTorrent

"Blender" = Blender (remove only)

"CCleaner" = CCleaner

"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI

"com.fox.simpsons.simpsonsgags.8DB2FB41E3AF9617470F9C3E78FDAAA51EF66383.1" = The Simpsons Unleashed

"Connectify" = Connectify

"CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich.

"Direct MP3 Joiner_is1" = Direct MP3 Joiner version 3.0.1.5

"DivX Setup.divx.com" = DivX-Setup

"EA Download Manager" = EA Download Manager

"Easy WiFi Radar" = Easy WiFi Radar 1.0.3

"EasyBCD" = EasyBCD 1.7.2

"Ekahau HeatMapper" = Ekahau HeatMapper

"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!

"FileZilla Client" = FileZilla Client 3.2.7.1

"FL Studio 9" = FL Studio 9

"Franzis Fahrschule_is1" = Franzis Fahrschule

"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2

"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16

"Free YouTube Download_is1" = Free YouTube Download 2.4

"Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.3

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2

"FreePDF_XP" = FreePDF (Remove only)

"Game Booster_is1" = Game Booster

"Game Maker 8.0" = Game Maker 8.0

"Google Chrome" = Google Chrome

"GPL Ghostscript 8.71" = GPL Ghostscript 8.71

"Handbrake" = Handbrake 0.9.4

"Hardcore" = Hardcore

"HeadGames_BigGameHunter3UninstallKey" = Cabela's Big Game Hunter III

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"HotspotShield" = Hotspot Shield 1.37

"IL Download Manager" = IL Download Manager

"Incomedia WebSite X5 v8 - Smart" = Incomedia WebSite X5 v8 - Smart

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"InstallShield_{12F3BB85-62FB-476D-AAB9-9AB94AF864D4}" = Network Printer Wizard

"InstallShield_{2ADB5A6B-F8CE-4459-B89E-5E2FF2F26F64}" = Multimedia Card Reader

"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV

"InstallShield_{7BEF3442-262D-4316-9367-8D6AED374A4D}" = Networking USB Server

"InstallShield_{BB1DFC2A-8B34-4632-B3B3-AD037E500A00}" = Multimedia Card Reader

"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010

"JAP" = JAP

"KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.3 (Full)

"KoolMoves Demo_is1" = KoolMoves Demo 7.4

"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)

"Money2007b" = Microsoft Money 2007

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"Network Stumbler" = Network Stumbler 0.4.0 (remove only)

"NVIDIA Drivers" = NVIDIA Drivers

"OpenAL" = OpenAL

"PBP Unpacker_is1" = PBP Unpacker v0.94

"PC Wizard 2009_is1" = PC Wizard 2009.1.91

"PE Builder_is1" = PE Builder 3.1.10a

"PoiZone" = PoiZone

"Pro Pinball : Fantastic Journey" = Pro Pinball : Fantastic Journey

"Protect Disc License Helper" = Protect Disc License Helper 1.0.118

"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11

"Q3 Buchhaltung standard" = Q-Buchhaltung

"Redirection Port Monitor" = RedMon - Redirection Port Monitor

"Sakura" = Sakura

"Samsung ML-1710 Series" = Samsung ML-1710 Series

"Sawer" = Sawer

"SpeedFan" = SpeedFan (remove only)

"Streamripper" = Streamripper (Remove only)

"Sweet Home 3D_is1" = Sweet Home 3D version 2.2

"TeamViewer 5" = TeamViewer 5

"tento" = tento

"The Simpsons Movie" = The Simpsons Movie Screen Saver

"TmNationsForever_is1" = TmNationsForever Update 2010-03-15

"Toxic Biohazard" = Toxic Biohazard

"TrueCrypt" = TrueCrypt

"TUGZip_is1" = TUGZip 3.5

"TVUPlayer" = TVUPlayer 2.5.2.2

"UltraISO_is1" = UltraISO Premium V9.36

"Uninstall_is1" = Uninstall 1.0.0.1

"UnrealIRCd_is1" = UnrealIRCd3.2.8.1

"Visual Folder Tree Builder 2.1_is1" = Visual Folder Tree Builder 2.1

"VLC media player" = VLC media player 1.0.3

"Winamp" = Winamp

"Windows Media Encoder 9" = Codeur Windows Media Série 9

"WinGimp-2.0_is1" = GIMP 2.6.8

"WinLiveSuite_Wave3" = Windows Live Essentials

"winscp3_is1" = WinSCP 4.2.6

"Zattoo4" = Zattoo4 4.0.4

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Flash EXE Builder 1.0" = Flash EXE Builder 1.0(remove only)

"Kellogg's Hit Studio" = Kellogg's Hit Studio

"Pirate Galaxy" = Pirate Galaxy

"Winamp Detect" = Winamp Erkennungs-Plug-in

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 27.05.2010 07:24:17 | Computer Name =*** | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 9937

 

Error - 27.05.2010 07:24:18 | Computer Name =***| Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 27.05.2010 07:24:18 | Computer Name =*** | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 11217

 

Error - 27.05.2010 07:24:18 | Computer Name = ***| Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 11217

 

Error - 27.05.2010 07:24:19 | Computer Name = ***| Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 27.05.2010 07:24:19 | Computer Name = *** | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 12621

 

Error - 27.05.2010 07:24:19 | Computer Name = *** | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 12621

 

Error - 27.05.2010 07:24:21 | Computer Name = *** | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 27.05.2010 07:24:21 | Computer Name =*** | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 13915

 

Error - 27.05.2010 07:24:21 | Computer Name = *** | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 13915

 

[ DigitalPersona Pro Events ]

Error - 04.02.2010 16:48:15 | Computer Name = *** | Source = DigitalPersona Pro | ID = 17827589

Description = DPHost kann nicht gestartet werden.    Fehler: 0x80070013

 

Error - 14.04.2010 05:40:15 | Computer Name = *** | Source = DigitalPersona Pro | ID = 17827841

Description = Eins-zu-eins-Fingerabdruckvergleich fehlgeschlagen.

 

[ Media Center Events ]

Error - 14.03.2010 04:07:29 | Computer Name =*** | Source = MCUpdate | ID = 0

Description = 09:07:29 - Directory konnte nicht abgerufen werden (Fehler: Die Verbindung

 mit dem Remoteserver kann nicht hergestellt werden.)  

 

Error - 14.03.2010 04:08:35 | Computer Name = *** | Source = MCUpdate | ID = 0

Description = 09:08:35 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die

 zugrunde liegende Verbindung wurde geschlossen: Die Verbindung wurde unerwartet

 getrennt..)  

 

Error - 14.03.2010 04:10:45 | Computer Name =*** | Source = MCUpdate | ID = 0

Description = 09:10:45 - Broadband konnte nicht abgerufen werden (Fehler: Die Verbindung

 mit dem Remoteserver kann nicht hergestellt werden.)  

 

Error - 14.03.2010 04:11:40 | Computer Name = *** | Source = MCUpdate | ID = 0

Description = 09:11:27 - EpgListings konnte nicht abgerufen werden (Fehler: Die 

Verbindung mit dem Remoteserver kann nicht hergestellt werden.)  

 

Error - 14.03.2010 05:12:28 | Computer Name = ***| Source = MCUpdate | ID = 0

Description = 10:12:28 - Fehler beim Herstellen der Internetverbindung.  10:12:28 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 07.04.2010 09:49:00 | Computer Name = *** | Source = ehRecvr | ID = 3

Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0x80070001) PCTV 100e/150e

 WDM TVTuner

 

Error - 08.04.2010 11:51:39 | Computer Name = ***| Source = MCUpdate | ID = 0

Description = 17:51:38 - Fehler beim Herstellen der Internetverbindung.  17:51:38 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 08.04.2010 11:52:26 | Computer Name =***| Source = MCUpdate | ID = 0

Description = 17:51:47 - Fehler beim Herstellen der Internetverbindung.  17:51:47 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 08.04.2010 12:52:30 | Computer Name = ***| Source = MCUpdate | ID = 0

Description = 18:52:30 - Fehler beim Herstellen der Internetverbindung.  18:52:30 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 08.04.2010 12:52:39 | Computer Name = *** | Source = MCUpdate | ID = 0

Description = 18:52:35 - Fehler beim Herstellen der Internetverbindung.  18:52:35 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 17.05.2010 14:35:25 | Computer Name = *** | Source = cdrom | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

 

Error - 17.05.2010 14:35:25 | Computer Name = *** | Source = cdrom | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

 

Error - 17.05.2010 14:35:25 | Computer Name = *** | Source = cdrom | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

 

Error - 17.05.2010 14:40:19 | Computer Name = *** | Source = cdrom | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

 

Error - 17.05.2010 14:40:19 | Computer Name = *** | Source = cdrom | ID = 262155

Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

 

Error - 17.05.2010 15:09:49 | Computer Name = *** | Source = BTHUSB | ID = 327696

Description = Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter

 und einem Gerät mit Bluetooth-Adapteradresse (d4:9a:20:27:01:35) ist fehlgeschlagen.

 

Error - 17.05.2010 16:38:58 | Computer Name = *** | Source = Service Control Manager | ID = 7011

Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung

 von Dienst lmhosts erreicht.

 

Error - 19.05.2010 05:54:52 | Computer Name = *** | Source = EventLog | ID = 6008

Description = Das System wurde zuvor am ?19.?05.?2010 um 11:53:02 unerwartet heruntergefahren.

 

Error - 22.05.2010 12:20:57 | Computer Name = *** | Source = EventLog | ID = 6008

Description = Das System wurde zuvor am ?22.?05.?2010 um 18:19:38 unerwartet heruntergefahren.

 

Error - 25.05.2010 15:29:40 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7011

Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung

 von Dienst Wlansvc erreicht.

 

 

< End of report >
--- --- ---

**************************************************
es gab auch noch eine Datei namens OTL braucht es die Auch?

Vielen Dank für die Hilfe...!

Liebe Grüsse
Dachziegel5