Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows Update und Windows Gadgets durch Virus blockiert

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.09.2010, 11:16   #1
Spladdy
 
Windows Update und Windows Gadgets durch Virus blockiert - Icon27

Windows Update und Windows Gadgets durch Virus blockiert



Hallo zusammen,

es ist zwar Sonntag, aber ich muss euch leider mit meinen "wehwehchen" nerven.
Ich hatte gestern einen Fraud.sysguard infekt, den ich durch Malewarebythes, Spybot und Antivir gelöscht habe (hoffe ich zmd). Smitfraudfix und cc cleaner sind auch schon drüber gelaufen.

Seitdiesem Infekt funktioniert mein Radiogadget bei den Windwos-Minianwendungen nicht mehr, Windows Update zeigt mit eine tolle Fehlermeldung und Antivir sowie auch andere automatische Updatesachen haben keine Verbindung zum Internet.
Weiß jemand woran das liegt ? Habe das gefühl, dass sich da nochmehr eingenistet hat, allerdings finden meine Programme nichts mehr.

Bitte um Hilfe =)
in diesem Sinne : schönes wochenende


>windows 7 32-bit home premium

__________________________________
HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:54:48, on 12.09.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
D:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Windows\System32\Ctxfihlp.exe
D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
D:\Programme\RocketDock\RocketDock.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
F:\Logitech\G15\NM Monitor\nmmonitor.exe
D:\Programme\RivaTuner\RivaTuner.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GPUMonitor.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
D:\Programme\Mozilla Firefox\firefox.exe
D:\Programme\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
F:\Spybot\HiJackThis204.exe
 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6092
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Programme\Real\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O4 - HKLM\..\Run: [avgnt] "D:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [RivaTuner] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /T
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /S
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\MP3SurroundDecode.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\MP3SurroundDecode.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
O4 - HKCU\..\Run: [RocketDock] "D:\Programme\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O4 - Startup: nmmonitor.exe - Verknüpfung.lnk = F:\Logitech\G15\NM Monitor\nmmonitor.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Marko\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Programme\Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
 
--
End of file - 14787 bytes
         
--- --- ---
Miniaturansicht angehängter Grafiken
Windows Update und Windows Gadgets durch Virus blockiert-wu_fail.jpg  

Alt 13.09.2010, 07:00   #2
kira
/// Helfer-Team
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
Hast du den Rechner bereits auf Viren überprüft? Folgende Ergebnisse möchte ich noch sehen:
Code:
ATTFilter
Antivir
Malwarebytes
         
1.
- Lade dir RSIT - http://filepony.de/download-rsit/:
- an einen Ort deiner Wahl und führe die rsit.exe aus
- wird "Hijackthis" auch von RSIT installiert und ausgeführt
- RSIT erstellt 2 Logfiles (C:\rsit\log.txt und C:\rsit\info.txt) mit erweiterten Infos von deinem System - diese beide bitte komplett hier posten

2.
Bitte Versteckte - und Systemdateien sichtbar machen den Link hier anklicken:
System-Dateien und -Ordner unter XP und Vista sichtbar machen
Am Ende unserer Arbeit, kannst wieder rückgängig machen!

3.
→ Lade Dir HJTscanlist.zip herunter
→ entpacke die Datei auf deinem Desktop
→ Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren
→ per Doppelklick starten
→ Wähle dein Betriebsystem aus - Vista
→ Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen
→ Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren
→ Bitte kopiere den Inhalt hier in Deinen Thread.

4.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool "Ccleaner" herunter
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

5.
läuft unter XP, Vista mit (32Bit) und Windows 7 (32Bit)
Achtung!:
WENN GMER NICHT AUSGEFÜHRT WERDEN KANN ODER PROBMLEME VERURSACHT, fahre mit dem nächsten Punkt fort!- Es ist NICHT sinnvoll einen zweiten Versuch zu starten!
Um einen tieferen Einblick in dein System, um eine mögliche Infektion mit einem Rootkit/Info v.wikipedia.org) aufzuspüren, werden wir ein Tool - Gmer - einsetzen :
  • - also lade Dir Gmer herunter und entpacke es auf deinen Desktop
    - starte gmer.exe
    - [b]schließe alle Programme, ausserdem Antiviren und andere Schutzprogramme usw müssen deaktiviert sein, keine Verbindung zum Internet, WLAN auch trennen)
    - bitte nichts am Pc machen während der Scan läuft!
    - klicke auf "Scan", um das Tool zu starten
    - wenn der Scan fertig ist klicke auf "Copy" (das Log wird automatisch in die Zwischenablage kopiert) und mit STRG + V musst Du gleich da einfügen
    - mit "Ok" wird GMER beendet.
    - das Log aus der Zwischenablage hier in Deinem Thread vollständig hineinkopieren

** keine Verbindung zu einem Netzwerk und Internet - WLAN nicht vergessen
Wenn der Scan beendet ist, bitte alle Programme und Tools wieder aktivieren!

6.
läuft unter XP, Vista mit (32Bit) und Windows 7 (32Bit)
Lade und installiere das Tool RootRepeal herunter
  • setze einen Hacken bei: "Drivers"-> "Scan"-> Save Report"...
  • "Stealth Objects" -> "Scan"-> Save Report"...
  • "Hidden Services" -> "Scan"-> Save Report"...
  • speichere das Logfile als "RootRepeal.txt" auf dem Desktop und Kopiere den Inhalt hier in den Thread

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
Coverflow
__________________


Alt 14.09.2010, 16:12   #3
Spladdy
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



Hi,

danke für deine ausführliche Hilfe !!

hier die Logfiles etc...

Malewarebytes Logfile

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4613

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

14.09.2010 16:45:30
mbam-log-2010-09-14 (16-45-30).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 151104
Laufzeit: 5 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
__________________

Alt 14.09.2010, 16:13   #4
Spladdy
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



RSIT

info.txt


Code:
ATTFilter
logfile of random's system information tool 1.08 2010-09-14 16:41:16
 
======Uninstall list======
 
-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x7 
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x7  /remove
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
3DMark06-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9  -removeonly
7-Zip 4.62-->"D:\Programme\7-Zip\Uninstall.exe"
Acrobat.com-->msiexec /qb /x {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
Acrobat.com-->MsiExec.exe /I{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
Adobe Acrobat 9 Pro - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7760-000000000004}
Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}
Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Asset Services CS4-->MsiExec.exe /I{B9F4561A-924D-4510-A85A-BB0960C338CB}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe Contribute CS4-->MsiExec.exe /I{A6EC82A0-1414-475D-8AFD-469089F3080D}
Adobe Creative Suite 4 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02\Setup.exe --uninstall=1
Adobe Creative Suite 4 Master Collection-->MsiExec.exe /I{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}
Adobe CS4 American English Speech Analysis Models-->MsiExec.exe /I{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9}
Adobe Encore CS4-->MsiExec.exe /I{5EAD5443-7194-46CC-A055-428E6ABB1BAF}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Fireworks CS4-->MsiExec.exe /I{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}
Adobe Flash CS4 Extension - Flash Lite STI en-->MsiExec.exe /I{793D1D88-6141-43DE-BE58-59BCE31B4090}
Adobe Flash CS4 STI-en-->MsiExec.exe /I{2168245A-B5AD-40D8-A641-48E3E070B5B6}
Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{2BAF2B96-7560-48B4-87D4-10178DDBE217}
Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}
Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}
Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
Adobe Media Encoder CS4 Dolby-->MsiExec.exe /I{EE353798-E875-42E0-B58D-7E6696182EA8}
Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}
Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
Adobe OnLocation CS4-->MsiExec.exe /I{7406DF60-016D-476B-A2C7-55D997592047}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Premiere Pro CS4 Functional Content-->MsiExec.exe /I{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}
Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{C938BE91-3BB5-4B84-9EF6-88F0505D0038}
Adobe Premiere Pro CS4-->MsiExec.exe /I{D499F8DE-3F31-4900-9157-61061613704B}
Adobe Reader 9 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A90000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}
Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}
Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8}
Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D}
Adobe Soundbooth CS4-->MsiExec.exe /I{14F70205-1940-4000-88C7-BE799A6B2CAD}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe Version Cue CS4 Server-->MsiExec.exe /I{1B7C06E1-4888-47A6-992A-0990B9683486}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45} 
Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
Apple Mobile Device Support-->MsiExec.exe /I{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
Avira AntiVir Premium-->D:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x7  -removeonly
Bonjour-->MsiExec.exe /X{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
CameraHelperMsi-->MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3}
Canon IJ Network Scan Utility-->"C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSU.exe" /UninstallRemove C:\Program Files\Canon\Canon IJ Network Scan Utility\uninst.ini
Canon IJ Network Tool-->C:\Program Files\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon Kurzwahlprogramm-->"C:\Program Files\Canon\Speed Dial Utility\uninst.exe" /UninstallRemove C:\Program Files\Canon\Speed Dial Utility\uninst.ini
Canon MP Navigator EX 3.1-->"C:\Program Files\Canon\MP Navigator EX 3.1\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 3.1\uninst.ini
Canon MX340 series Benutzerregistrierung-->C:\Program Files\Canon\IJEREG\MX340 series\UNINST.EXE
Canon MX340 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series /L0x0007
Canon Utilities Easy-PhotoPrint EX-->D:\Programme\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
CCleaner-->"D:\Programme\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
C-Media USB2.0 Card Reader-->C:\Windows\CmiUCRUninstall.exe C:\Program Files\C-Media USB2.0 Card Reader
Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}
Command & Conquer™ 3: Kanes Rache-->MsiExec.exe /I{CC2422C9-F7B5-4175-B295-5EC2283AA674}
Command & Conquer™ 4 Tiberian Twilight-->MsiExec.exe /X{82696435-8572-4D8B-A230-D1AA567D0F0F}
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13B792AA-C078-43A4-8A3A-8B12D629940D}\Setup.exe" -l0x19 
Creative ALchemy-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x7  /remove
Creative Audio-Systemsteuerung-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7  /remove
Creative Konsole Starter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x7  /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x7  /remove
Crysis WARHEAD(R) Patch-->"C:\ProgramData\{7451F7D5-591C-4490-8D3B-C73A69A0E782}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R) Patch-->C:\ProgramData\{7451F7D5-591C-4490-8D3B-C73A69A0E782}\setup.exe
Crysis WARHEAD(R)-->"C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R)-->C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
CyberLink BD Advisor 2.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}\Setup.exe"  -uninstall
CyberLink Blu-ray Disc Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink Blu-ray Disc Suite-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe"  -uninstall
CyberLink MediaShow-->"C:\Program Files\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe" /z-uninstall
CyberLink MediaShow-->"C:\Program Files\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
CyberLink PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall
CyberLink PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall
CyberLink UDF Reader 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22D90DD2-8654-4E8A-B2F1-B6B86A2BF390}\Setup.exe"  -uninstall
DivX Converter-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
DivX Plus DirectShow Filters-->C:\ProgramData\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe /DSFILTERS
DivX-Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
Easy Tune 6 B09.1120.1-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{457D7505-D665-4F95-91C3-ECB8C56E9ACA} 
Eigenschaften von Creative Sound Blaster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x7  /remove
erLT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0007 -removeonly
Fraps (remove only)-->"D:\Programme\Fraps\uninstall.exe"
Free Audio CD Burner version 1.4-->"C:\Program Files\DVDVideoSoft\Free Audio CD Burner\unins000.exe"
Free YouTube to MP3 Converter version 3.7-->"D:\Programme\Free YouTube to MP3 Converter\unins000.exe"
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0007 -removeonly
Großer ADAC ReisePlaner 2008/2009-->"C:\Program Files\InstallShield Installation Information\{9A1D26C2-DC3A-4207-82B3-2983693869D1}\setup.exe" -runfromtemp -l0x0007 -removeonly
ICQ 7.2 Build #3129 Banner Remover 1.0-->"D:\Programme\ICQ-Banner-Remover\unins000.exe"
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
iPhone Explorer-->"D:\Programme\iPhone Explorer\unins000.exe"
iTunes-->MsiExec.exe /I{350FB27C-CF62-4EF3-AF9D-70FF313FE221}
James Cameron's AVATAR(tm): DAS SPIEL-->"C:\Program Files\InstallShield Installation Information\{7E19B002-4CA3-4C9F-BA92-91D101B97219}\setup.exe" -runfromtemp -l0x0007 -removeonly
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
LexiROM 2.0-->"D:\Programme\Microsoft Nachschlagewerke\LexiROM 2.0\Setup\setup.exe"
LG Tool Kit-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\Setup.exe" 
LightScribe System Software-->MsiExec.exe /X{CC8E94A2-55C7-4460-953C-2A790180578C}
Logitech GamePanel Software 3.06.109-->MsiExec.exe /X{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}
Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x0007 -removeonly
Logitech Webcam Software-->"C:\Program Files\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=DEU /guid="{D40EB009-0499-459c-A8AF-C9C110766215}"
Logitech Webcam Software-Treiberpaket-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\12.10.1110\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_12.10" /clone_wait /hide_progress
LogMeIn Hamachi-->C:\Windows\system32\\msiexec.exe /i {8A74DEFD-A224-49CC-AB80-4E88BC730125} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{8A74DEFD-A224-49CC-AB80-4E88BC730125}
LWS Facebook-->MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
LWS Gallery-->MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
LWS Help_main-->MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9}
LWS Launcher-->MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
LWS Motion Detection-->MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA}
LWS Pictures And Video-->MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967}
LWS Video Mask Maker-->MsiExec.exe /I{EED027B7-0DB6-404B-8F45-6DFEE34A0441}
LWS VideoEffects-->MsiExec.exe /I{138A4072-9E64-46BD-B5F9-DB2BB395391F}
LWS Webcam Software-->MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189}
LWS WLM Plugin-->MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D}
LWS YouTube Plugin-->MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
Malwarebytes' Anti-Malware-->"D:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Menu Templates - Starter Kit-->MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C}
Microsoft .NET Framework 4 Client Profile DEU Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1031 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile DEU Language Pack-->MsiExec.exe /X{F750C986-5310-3A5A-95F8-4EC71C8AC01C}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{8FB1B528-E260-451E-9B55-E9152F94B80B}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F97E3841-CA9D-4964-9D64-26066241D26F}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Rechner-Plus-->MsiExec.exe /I{437C19B3-7E20-4E39-B868-CA6BAA820E1C}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Movie Templates - Starter Kit-->MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0}
Mozilla Firefox (3.6.8)-->D:\Programme\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Need For Speed SHIFT-->"E:\Spiele\Need For Speed SHIFT\Uninstall\unins000.exe"
Need for Speed™ SHIFT-->hex(2):4d,00,73,00,69,00,45,00,78,00,65,00,63,00,2e,00,65,00,78,00,65,00,20,00,2f,00,58,00,7b,00,42,00,42,00,46,00,30,00,41,00,36,00,37,00,42,00,2d,00,35,00,44,00,42,00,41,00,2d,00,34,00,35,00,32,00,46,00,2d,00,39,00,44,00,32,00,45,00,2d,00,36,00,46,00,31,00,36,00,38,00,42,00,43,00,32,00,32,00,36,00,45,00,34,00,7d,00,00,00
Nero 9 Trial-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe  REMOVESERIALNUMBER="8M01-209M-AH6P-5UW0-WHAW-C53X-473X-79MH"
Nero BurnRights-->MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB}
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}
Nero Disc Copy Gadget-->MsiExec.exe /X{F1861F30-3419-44DB-B2A1-C274825698B3}
Nero DiscSpeed-->MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C}
Nero DriveSpeed-->MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A}
Nero InfoTool-->MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero PhotoSnap-->MsiExec.exe /X{9E82B934-9A25-445B-B8DF-8012808074AC}
Nero Recode-->MsiExec.exe /X{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}
Nero Rescue Agent-->MsiExec.exe /X{368BA326-73AD-4351-84ED-3C0A7A52CC53}
Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B}
Nero WaveEditor-->MsiExec.exe /X{A209525B-3377-43F4-B886-32F6B6E7356F}
NeroBurningROM-->MsiExec.exe /X{D025A639-B9C9-417D-8531-208859000AF8}
NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->"C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x0407 -removeonly
NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
NVIDIA Performance-->"C:\Program Files\InstallShield Installation Information\{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}\setup.exe" -runfromtemp -l0x0407 -removeonly
NVIDIA Performance-->MsiExec.exe /I{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA System Monitor-->"C:\Program Files\InstallShield Installation Information\{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}\setup.exe" -runfromtemp -l0x0407 -removeonly
NVIDIA System Monitor-->MsiExec.exe /I{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}
NVIDIA System Update-->"C:\Program Files\InstallShield Installation Information\{65A92AAA-3D05-4C94-9F70-731C05E60C16}\setup.exe" -runfromtemp -l0x0407 -removeonly
NVIDIA System Update-->MsiExec.exe /I{65A92AAA-3D05-4C94-9F70-731C05E60C16}
OpenAL-->"C:\Program Files\OpenAL\OALInst.exe" /U
oZone3D.Net FurMark v1.7.0-->"D:\Programme\FurMark_v1.7.0\unins000.exe"
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
pdf24-->"D:\Programme\pdf24\unins000.exe"
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
QuickTime-->MsiExec.exe /I{EB900AF8-CC61-4E15-871B-98D1EA3E8025}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe"  -removeonly
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition-->"D:\Programme\RivaTuner\uninstall.exe"
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0007 -removeonly
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
SiSoftware Sandra Lite 2010-->"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\unins000.exe"
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoundTrax-->MsiExec.exe /X{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
SUPER © Version 2009.bld.36 (June 10, 2009)-->D:\PROGRA~1\SUPER\Setup.exe /remove /q0
Tom Clancy's Splinter Cell Conviction-->"C:\Program Files\InstallShield Installation Information\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}\setup.exe" -runfromtemp -l0x0007 -removeonly
TuneUp Utilities-->D:\Programme\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
Ubisoft Game Launcher-->"C:\Program Files\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409  -removeonly
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Virtual DJ - Atomix Productions-->D:\PROGRA~1\VIRTUA~3\UNWISE.EXE D:\PROGRA~1\VIRTUA~3\INSTALL.LOG
VLC media player 1.0.3-->D:\Programme\VLC\uninstall.exe
WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
Winamp-->"D:\Programme\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live ID-Anmelde-Assistent-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->D:\Programme\WinRAR\uninstall.exe
WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
 
======System event log======
 
Computer Name: Marko-Core2Quad
Event Code: 7036
Message: Dienst "Benutzerprofildienst" befindet sich jetzt im Status "Beendet".
Record Number: 93760
Source Name: Service Control Manager
Time Written: 20100523094637.220000-000
Event Type: Informationen
User: 
 
Computer Name: Marko-Core2Quad
Event Code: 7036
Message: Dienst "IPsec-Richtlinien-Agent" befindet sich jetzt im Status "Beendet".
Record Number: 93759
Source Name: Service Control Manager
Time Written: 20100523094637.220000-000
Event Type: Informationen
User: 
 
Computer Name: Marko-Core2Quad
Event Code: 7036
Message: Dienst "Plug & Play" befindet sich jetzt im Status "Beendet".
Record Number: 93758
Source Name: Service Control Manager
Time Written: 20100523094637.220000-000
Event Type: Informationen
User: 
 
Computer Name: Marko-Core2Quad
Event Code: 20010
Message: Der Status von mindestens einem Subsystem des Plug & Play-Dienstes hat sich geändert. 
 
PlugPlay-Installationssubsystem aktiviert: "false" 
PlugPlay-Zwischenspeicherungssubsystem aktiviert: "false" 
 
Record Number: 93757
Source Name: Microsoft-Windows-UserPnp
Time Written: 20100523094637.220000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
 
Computer Name: Marko-Core2Quad
Event Code: 7036
Message: Dienst "Stromversorgung" befindet sich jetzt im Status "Beendet".
Record Number: 93756
Source Name: Service Control Manager
Time Written: 20100523094637.220000-000
Event Type: Informationen
User: 
 
=====Application event log=====
 
Computer Name: 37L4247D28-05
Event Code: 1001
Message: Fehlerbucket , Typ 0
Ereignisname: PnPDriverNotFound
Antwort: Nicht verfügbar
CAB-Datei-ID: 0
 
Problemsignatur:
P1: x86
P2: PCI\VEN_10DE&DEV_0AA3&SUBSYS_0AA31458&REV_B1
P3: 
P4: 
P5: 
P6: 
P7: 
P8: 
P9: 
P10: 
 
Angefügte Dateien:
C:\Windows\Temp\DMI7416.tmp.log.xml
 
Diese Dateien befinden sich möglicherweise hier:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_3f579b17b8205aa3c391feb43aad634ece0c413_cab_06857473
 
Analysesymbol: 
Es wird erneut nach einer Lösung gesucht: 0
Berichts-ID: 2b66d900-e033-11de-9c55-c098735b2bac
Berichtstatus: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20091203174205.000000-000
Event Type: Informationen
User: 
 
Computer Name: 37L4247D28-05
Event Code: 5617
Message: Die Subsysteme des Windows-Verwaltungsinstrumentationsdienstes wurden erfolgreich initialisiert.
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20091203174127.000000-000
Event Type: Informationen
User: 
 
Computer Name: 37L4247D28-05
Event Code: 5615
Message: Der Windows-Verwaltungsinstrumentationsdienst wurde erfolgreich gestartet.
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20091203174125.000000-000
Event Type: Informationen
User: 
 
Computer Name: 37L4247D28-05
Event Code: 1531
Message: Der Benutzerprofildienst wurde erfolgreich gestartet.  
 
 
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091203174123.276400-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
 
Computer Name: 37L4247D28-05
Event Code: 4625
Message: Das EventSystem-Subsystem unterdrückt duplizierte Ereignisprotokolleinträge für eine Dauer von 86400 Sekunden. Dieses Zeitlimit kann durch den REG_DWORD-Wert SuppressDuplicateDuration unter folgendem Registrierungsschlüssel gesteuert werden: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20091203174123.000000-000
Event Type: Informationen
User: 
 
=====Security event log=====
 
Computer Name: Marko-Core2Quad
Event Code: 4647
Message: Benutzerinitiierte Abmeldung:
 
Antragsteller:
    Sicherheits-ID:        S-1-5-21-1148797400-2758010390-2342801227-1000
    Kontoname:        Marko
    Kontodomäne:        Marko-Core2Quad
    Anmelde-ID:        0x1dbdc
 
Dieses Ereignis wird generiert, wenn eine Abmeldung initiiert wird. Es kann keine weitere benutzerinitiierte Aktivität erfolgen. Dieses Ereignis kann als Abmeldeereignis interpretiert werden.
Record Number: 832
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091206125822.167200-000
Event Type: Überwachung erfolgreich
User: 
 
Computer Name: Marko-Core2Quad
Event Code: 4672
Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.
 
Antragsteller:
    Sicherheits-ID:        S-1-5-18
    Kontoname:        SYSTEM
    Kontodomäne:        NT-AUTORITÄT
    Anmelde-ID:        0x3e7
 
Berechtigungen:        SeAssignPrimaryTokenPrivilege
            SeTcbPrivilege
            SeSecurityPrivilege
            SeTakeOwnershipPrivilege
            SeLoadDriverPrivilege
            SeBackupPrivilege
            SeRestorePrivilege
            SeDebugPrivilege
            SeAuditPrivilege
            SeSystemEnvironmentPrivilege
            SeImpersonatePrivilege
Record Number: 831
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091206123145.178400-000
Event Type: Überwachung erfolgreich
User: 
 
Computer Name: Marko-Core2Quad
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.
 
Antragsteller:
    Sicherheits-ID:        S-1-5-18
    Kontoname:        MARKO-CORE2QUAD$
    Kontodomäne:        WORKGROUP
    Anmelde-ID:        0x3e7
 
Anmeldetyp:            5
 
Neue Anmeldung:
    Sicherheits-ID:        S-1-5-18
    Kontoname:        SYSTEM
    Kontodomäne:        NT-AUTORITÄT
    Anmelde-ID:        0x3e7
    Anmelde-GUID:        {00000000-0000-0000-0000-000000000000}
 
Prozessinformationen:
    Prozess-ID:        0x22c
    Prozessname:        C:\Windows\System32\services.exe
 
Netzwerkinformationen:
    Arbeitsstationsname:    
    Quellnetzwerkadresse:    -
    Quellport:        -
 
Detaillierte Authentifizierungsinformationen:
    Anmeldeprozess:        Advapi  
    Authentifizierungspaket:    Negotiate
    Übertragene Dienste:    -
    Paketname (nur NTLM):    -
    Schlüssellänge:        0
 
Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
 
Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
 
Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
 
Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
 
Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
 
Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
     - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
    - Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
    - Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
    - Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 830
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091206123145.178400-000
Event Type: Überwachung erfolgreich
User: 
 
Computer Name: Marko-Core2Quad
Event Code: 4672
Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.
 
Antragsteller:
    Sicherheits-ID:        S-1-5-18
    Kontoname:        SYSTEM
    Kontodomäne:        NT-AUTORITÄT
    Anmelde-ID:        0x3e7
 
Berechtigungen:        SeAssignPrimaryTokenPrivilege
            SeTcbPrivilege
            SeSecurityPrivilege
            SeTakeOwnershipPrivilege
            SeLoadDriverPrivilege
            SeBackupPrivilege
            SeRestorePrivilege
            SeDebugPrivilege
            SeAuditPrivilege
            SeSystemEnvironmentPrivilege
            SeImpersonatePrivilege
Record Number: 829
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091206123144.333400-000
Event Type: Überwachung erfolgreich
User: 
 
Computer Name: Marko-Core2Quad
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.
 
Antragsteller:
    Sicherheits-ID:        S-1-5-18
    Kontoname:        MARKO-CORE2QUAD$
    Kontodomäne:        WORKGROUP
    Anmelde-ID:        0x3e7
 
Anmeldetyp:            5
 
Neue Anmeldung:
    Sicherheits-ID:        S-1-5-18
    Kontoname:        SYSTEM
    Kontodomäne:        NT-AUTORITÄT
    Anmelde-ID:        0x3e7
    Anmelde-GUID:        {00000000-0000-0000-0000-000000000000}
 
Prozessinformationen:
    Prozess-ID:        0x22c
    Prozessname:        C:\Windows\System32\services.exe
 
Netzwerkinformationen:
    Arbeitsstationsname:    
    Quellnetzwerkadresse:    -
    Quellport:        -
 
Detaillierte Authentifizierungsinformationen:
    Anmeldeprozess:        Advapi  
    Authentifizierungspaket:    Negotiate
    Übertragene Dienste:    -
    Paketname (nur NTLM):    -
    Schlüssellänge:        0
 
Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
 
Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
 
Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
 
Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
 
Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
 
Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
     - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
    - Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
    - Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
    - Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 828
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091206123144.333400-000
Event Type: Überwachung erfolgreich
User: 
 
======Environment variables======
 
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Common Files\Nero\Lib\;C:\Program Files\Common Files\Apple\Mobile Device Support\bin\;C:\Program Files\Common Files\Apple\Apple Application Support\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=1707
"SAN_DIR"=D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010
"RGSCLauncher"=H:\Spiele\Rockstar Games\Rockstar Games Social Club
"RGSC"=H:\Spiele\Rockstar Games\Rockstar Games Social Club\1_0_0_0
"asl.log"=Destination=file;OnFirstLog=command,environment
"CLASSPATH"=.;D:\Programme\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=D:\Programme\Java\jre6\lib\ext\QTJava.zip
 
-----------------EOF-----------------
         
--- --- ---


log.txt

RSIT Logfile:
Code:
ATTFilter
Logfile of random's system information tool 1.08 (written by random/random)
Run by xxx at 2010-09-14 16:41:05
Microsoft Windows 7 Home Premium  
System drive C: has 100 GB (67%) free of 150 GB
Total RAM: 3327 MB (60% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:41:14, on 14.09.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
D:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\Ctxfihlp.exe
D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
D:\Programme\RocketDock\RocketDock.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
F:\Logitech\G15\NM Monitor\nmmonitor.exe
D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
D:\Programme\RivaTuner\RivaTuner.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GPUMonitor.exe
D:\Programme\Mozilla Firefox\firefox.exe
D:\Programme\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
D:\Programme\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Marko\Desktop\RSIT.exe
C:\Program Files\trend micro\Marko.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Programme\Real\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [avgnt] "D:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RivaTuner] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /T
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /S
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKCU\..\Run: [RocketDock] "D:\Programme\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O4 - Startup: nmmonitor.exe - Verknüpfung.lnk = F:\Logitech\G15\NM Monitor\nmmonitor.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Marko\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Programme\Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
 
--
End of file - 13827 bytes
 
======Scheduled tasks folder======
 
C:\Windows\tasks\Automatische Wartung.job
C:\Windows\tasks\brs.exe_20100218_183231_0539.job
C:\Windows\tasks\brs.exe_20100218_205404_0673.job
C:\Windows\tasks\PDVDServ.EXE_20100218_183235_0816.job
C:\Windows\tasks\PDVDServ.EXE_20100218_205409_0682.job
C:\Windows\tasks\SidebarExecute.job
C:\Windows\tasks\{0573519D-DF95-4934-9530-B23267EACD99}.job
C:\Windows\tasks\{12739128-407D-4DB8-80B3-577F199F1572}.job
C:\Windows\tasks\{5438C122-0EC3-4ECF-B357-4D3F4CA1A8BB}.job
C:\Windows\tasks\{6FC708E8-D1A8-4975-864D-F5194212C43A}.job
C:\Windows\tasks\{D8514EF7-1317-480C-A975-389FDA41E8A8}.job
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - D:\Programme\Real\rpbrowserrecordplugin.dll [2009-12-03 329312]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Programme\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=D:\Programme\Avira\AntiVir Desktop\avgnt.exe [2010-03-26 282792]
"RivaTuner"=D:\Programme\RivaTuner\RivaTunerWrapper.exe [2009-08-22 24576]
"RivaTunerStartupDaemon"=D:\Programme\RivaTuner\RivaTunerWrapper.exe [2009-08-22 24576]
""= []
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 55824]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2010-05-05 25600]
"Malwarebytes' Anti-Malware"=D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-09-28 140640]
"Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2010-08-03 358472]
"Launch LCDMon"=C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2010-08-03 1809992]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2010-08-03 3649096]
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=D:\Programme\RocketDock\RocketDock.exe [2007-09-02 495616]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
D:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-06-19 640440]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
D:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2010-06-19 38840]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-12-14 611712]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE [2008-08-15 378224]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-09-04 75048]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
D:\Programme\CyberLink\Power2Go\CLMLSvc.exe [2008-07-18 104936]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Programme\D-Tools\DTLite.exe [2009-10-30 369200]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
E:\Spiele\Electronic Arts\EADM\Core.exe -silent []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
D:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\Programme\ICQ7.2\ICQ.exe [2010-06-28 133368]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
D:\Programme\ICQLite\ICQLite.exe -minimize []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Programme\iTunes\iTunesHelper.exe [2010-09-01 421160]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
D:\Programme\CyberLink\PowerDVD\Language\Language.exe [2009-04-16 62760]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
C:\Program Files\lg_fwupdate\fwupdate.exe [2010-02-18 557056]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Webcam\Logitech WebCam Software\LWS.exe /hide []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
D:\Programme\Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NM Monitor]
F:\Logitech\G15\NM Monitor\nmmonitor.exe [2010-04-26 1810432]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
D:\Programme\CyberLink\PowerDVD\PDVDServ.exe [2009-04-16 87336]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-12-03 198160]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
D:\Programme\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-02-21 222504]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
D:\Programme\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-09-24 210216]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
D:\Programme\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
D:\Programme\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [2008-10-20 210216]
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk]
C:\PROGRA~1\Logitech\Webcam\LOGITE~1\eReg.exe /remind /language=DEU /_WFM=. []
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
D:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Programme\Logitech\SetPoint\SetPoint.exe
 
C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
nmmonitor.exe - Verknüpfung.lnk - F:\Logitech\G15\NM Monitor\nmmonitor.exe
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2009-07-20 72208]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRecentDocsNetHood"=1
"NoDrives"=0x00000000
"NoDriveTypeAutoRun"=145
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
 
======List of files/folders created in the last 1 months======
 
2010-09-14 16:41:07 ----D---- C:\Program Files\trend micro
2010-09-14 16:41:05 ----D---- C:\rsit
2010-09-12 13:44:52 ----D---- C:\Program Files\iPod
2010-09-12 13:43:29 ----D---- C:\Program Files\QuickTime
2010-09-12 13:42:39 ----D---- C:\Program Files\Apple Software Update
2010-09-12 13:41:54 ----D---- C:\Program Files\Bonjour
2010-09-12 13:13:01 ----A---- C:\Windows\system32\CNMXLMA5.DLL
2010-09-12 10:31:34 ----A---- C:\Windows\system32\o4Patch.exe
2010-09-11 18:56:47 ----D---- C:\Users\Marko\AppData\Roaming\citidcgjg
2010-09-10 16:30:38 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-09-10 16:30:38 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-09-10 00:04:54 ----D---- C:\Program Files\Avira
2010-09-09 22:01:07 ----D---- C:\Users\Marko\AppData\Roaming\vnckrnaux
2010-09-09 22:00:37 ----D---- C:\Users\Marko\AppData\Roaming\E7270447A11B5D97670355A83EA350FD
2010-09-05 18:01:02 ----D---- C:\Users\Marko\AppData\Roaming\Canon
2010-09-05 17:42:10 ----A---- C:\Windows\system32\SETC52D.tmp
2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNHMCA.dll
2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340U.dll
2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340L.dll
2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340I.dll
2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340C.dll
2010-09-05 17:38:49 ----D---- C:\Program Files\Common Files\CANON
2010-09-05 17:37:25 ----HD---- C:\ProgramData\CanonBJ
2010-09-05 17:37:18 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2010-09-05 17:37:05 ----A---- C:\Windows\system32\CNMLMA5.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkUS.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTW.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTR.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTH.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkSE.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkRU.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkPT.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkPL.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkNO.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkNL.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkKR.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkJP.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkIT.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkID.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkHU.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkGR.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkFR.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkFI.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkES.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkDK.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkDE.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkCZ.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkCN.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkAR.DLL
2010-09-05 17:36:59 ----A---- C:\Windows\system32\CNCFMSk.EXE
2010-09-05 17:36:59 ----A---- C:\Windows\system32\CNCF2Lk.DLL
2010-09-05 17:36:51 ----A---- C:\Windows\system32\CNMIUA5.DLL
2010-09-05 17:36:40 ----HD---- C:\Program Files\CanonBJ
2010-09-05 17:36:31 ----D---- C:\Windows\system32\STRING
2010-09-05 17:36:31 ----A---- C:\Windows\system32\CNMNPUI.DLL
2010-09-05 17:36:31 ----A---- C:\Windows\system32\CNMNPPM.DLL
2010-09-05 17:36:30 ----D---- C:\Windows\system32\CHM
2010-09-05 17:34:41 ----D---- C:\Program Files\Canon
2010-08-30 23:12:10 ----N---- C:\Windows\system32\oleaut32.dll
2010-08-30 23:12:10 ----A---- C:\Windows\system32\oleaut32(815).dll
2010-08-30 19:08:13 ----D---- C:\Users\Marko\AppData\Roaming\NVIDIA
2010-08-30 19:07:46 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-08-30 19:07:45 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-08-30 19:07:45 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-08-30 19:07:45 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-08-30 19:07:45 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-08-29 19:58:01 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2010-08-19 09:40:35 ----D---- C:\Users\Marko\AppData\Roaming\Vodafone
2010-08-19 09:40:35 ----D---- C:\Users\Marko\AppData\Roaming\Bytemobile
2010-08-19 09:40:06 ----D---- C:\ProgramData\Vodafone
2010-08-19 09:39:59 ----D---- C:\Program Files\Vodafone
2010-08-19 09:39:28 ----A---- C:\Windows\system32\SpOrder.dll
 
======List of files/folders modified in the last 1 months======
 
2010-09-14 16:41:14 ----D---- C:\Windows\Temp
2010-09-14 16:41:07 ----D---- C:\Program Files
2010-09-14 16:35:54 ----D---- C:\ProgramData\NVIDIA
2010-09-14 16:35:53 ----D---- C:\Windows\system32\logishrd
2010-09-13 23:52:15 ----D---- C:\Windows\System32
2010-09-13 23:49:48 ----D---- C:\Windows
2010-09-13 23:49:15 ----D---- C:\Windows\AppPatch
2010-09-13 23:46:58 ----D---- C:\Windows\system32\LogFiles
2010-09-13 22:20:14 ----D---- C:\Users\Marko\AppData\Roaming\ICQ
2010-09-13 19:15:51 ----SHD---- C:\System Volume Information
2010-09-12 23:01:39 ----D---- C:\Windows\system32\config
2010-09-12 22:56:45 ----D---- C:\Users\Marko\AppData\Roaming\Skype
2010-09-12 22:56:02 ----D---- C:\Windows\system32\drivers
2010-09-12 20:56:46 ----D---- C:\Users\Marko\AppData\Roaming\skypePM
2010-09-12 13:58:59 ----D---- C:\Boot
2010-09-12 13:58:03 ----D---- C:\Windows\system32\catroot
2010-09-12 13:45:28 ----SHD---- C:\Windows\Installer
2010-09-12 13:45:23 ----SHD---- C:\Config.Msi
2010-09-12 13:44:52 ----D---- C:\Program Files\Common Files\Apple
2010-09-12 13:42:33 ----D---- C:\Windows\inf
2010-09-12 13:42:17 ----D---- C:\Windows\system32\DriverStore
2010-09-12 13:29:53 ----D---- C:\Windows\Minidump
2010-09-12 13:15:45 ----D---- C:\ProgramData\Logitech
2010-09-12 13:13:14 ----D---- C:\Windows\system32\catroot2
2010-09-12 13:12:36 ----D---- C:\ProgramData
2010-09-12 13:12:32 ----D---- C:\Windows\twain_32
2010-09-12 13:07:26 ----D---- C:\Users\Marko\AppData\Roaming\Taypy
2010-09-12 13:04:15 ----D---- C:\Windows\system32\wbem
2010-09-12 13:03:11 ----D---- C:\Windows\winsxs
2010-09-12 13:03:11 ----D---- C:\Windows\Tasks
2010-09-12 13:03:11 ----D---- C:\Windows\system32\wfp
2010-09-12 13:03:11 ----D---- C:\Users
2010-09-12 13:03:10 ----D---- C:\Windows\system32\Tasks
2010-09-12 13:03:06 ----D---- C:\Windows\system32\CodeIntegrity
2010-09-12 13:03:05 ----D---- C:\Windows\Media
2010-09-12 13:03:05 ----D---- C:\Windows\Downloaded Program Files
2010-09-12 13:03:05 ----D---- C:\Users\Marko\AppData\Roaming\Winamp
2010-09-12 13:03:05 ----D---- C:\Users\Marko\AppData\Roaming\Kaam
2010-09-12 13:03:00 ----D---- C:\ProgramData\DivX
2010-09-12 13:03:00 ----D---- C:\ProgramData\Apple Computer
2010-09-12 13:02:58 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-12 13:02:57 ----D---- C:\Program Files\DVDVideoSoft
2010-09-12 13:02:57 ----D---- C:\Program Files\DivX
2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\Logishrd
2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-09-12 13:02:56 ----D---- C:\Program Files\Common Files
2010-09-12 13:02:55 ----D---- C:\NVIDIA
2010-09-12 13:02:47 ----D---- C:\Windows\registration
2010-09-12 13:01:41 ----D---- C:\Users\Marko\AppData\Roaming\Adobe
2010-09-12 13:01:34 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-09-10 18:39:46 ----D---- C:\Windows\Sun
2010-09-10 17:46:07 ----D---- C:\Windows\debug
2010-09-09 22:33:02 ----D---- C:\Windows\SoftwareDistribution
2010-09-04 13:07:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-02 17:10:49 ----D---- C:\ProgramData\Adobe
2010-08-31 16:12:49 ----A---- C:\Windows\ULead32.ini
2010-08-30 19:07:59 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-30 19:07:37 ----D---- C:\Windows\assembly
2010-08-26 14:40:34 ----A---- C:\Windows\system32\authuitu(812).dll
2010-08-26 14:40:24 ----A---- C:\Windows\system32\uxtuneup(813).dll
2010-08-25 18:16:51 ----A---- C:\Windows\system32\ssprs.dll
2010-08-25 18:16:50 ----A---- C:\Windows\system32\lsprst7.dll
2010-08-25 18:16:50 ----A---- C:\Windows\SurCode.INI
2010-08-15 13:44:35 ----D---- C:\Users\Marko\AppData\Roaming\vlc
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 CLBStor;CyberLink InstantBurn UDF Reader Help Driver; C:\Windows\system32\drivers\CLBStor.sys [2008-10-20 10368]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-02-06 44608]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-03 691696]
R1 avgio;avgio; \??\D:\Programme\Avira\AntiVir Desktop\avgio.sys [2009-12-03 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-26 124784]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 hwinterface;hwinterface; C:\Windows\System32\Drivers\hwinterface.sys [2009-12-03 2996]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-12-03 28520]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-12-14 73312]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-03-26 60936]
R2 CLBUDFR;CyberLink UDF Filesystem; C:\Windows\system32\drivers\CLBUDFR.sys [2008-10-20 154368]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 vcs;vcs; \??\D:\Programme\AV VCS 3.0 Gold\vcs.sys [2003-04-30 6852]
R3 CMISTOR;CMIUCR.SYS CM320/CM220 Card Reader Driver; C:\Windows\system32\DRIVERS\cmiucr.SYS [2007-09-10 95616]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2010-05-05 171096]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-05-05 511064]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-05-05 526296]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2010-05-05 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2010-05-05 72792]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-05-05 14424]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-05-05 158808]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-05-05 95832]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2010-05-05 1178200]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2010-05-07 25824]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2010-05-15 276448]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [2005-01-31 22016]
R3 LVUVC;Logitech Webcam Pro 9000(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-04-29 20952]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-07-30 287392]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM; C:\Windows\system32\DRIVERS\nvoclock.sys [2009-09-15 38248]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-24 15872]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-05-05 130136]
R3 RivaTuner32;RivaTuner32; \??\D:\Programme\RivaTuner\RivaTuner32.sys [2009-08-22 9088]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AODDriver;AODDriver; \??\C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [2009-02-23 7168]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2010-05-05 171096]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2010-05-05 347144]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2010-05-05 1324120]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2010-05-05 72792]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2010-01-09 17488]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-03-06 17488]
S3 GVTDrv;GVTDrv; \??\C:\Windows\system32\Drivers\GVTDrv.sys [2010-03-06 24944]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-11-03 2790048]
S3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-09-08 1063712]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
S3 SANDRA;SANDRA; \??\D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\Sandra.sys [2009-08-08 23112]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 AntiVirMailService;Avira AntiVir MailGuard; D:\Programme\Avira\AntiVir Desktop\avmailc.exe [2010-04-19 337064]
R2 AntiVirSchedulerService;Avira AntiVir Planer; D:\Programme\Avira\AntiVir Desktop\sched.exe [2010-03-26 135336]
R2 AntiVirService;Avira AntiVir Guard; D:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-04-19 267432]
R2 AntiVirWebService;Avira AntiVir WebGuard; D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [2010-04-19 405672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-08-10 387616]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Programme\Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648]
R2 MBAMService;MBAMService; D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 178720]
R2 nTuneService;Performance Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2010-03-22 191080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-08-11 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-08-11 107832]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-26 1051968]
R2 UpdateCenterService;Update Center Service; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2009-11-06 195176]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-12-14 288112]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-02-18 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-12-03 79360]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-06 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe [2009-08-24 93336]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-11-15 320760]
S3 TuneUp.Defrag;@D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-09-11 435008]
 
-----------------EOF-----------------
         
--- --- ---

Alt 14.09.2010, 16:15   #5
Spladdy
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



CC Cleaner (Programme)

Code:
ATTFilter
3DMark06    Futuremark    03.12.2009        1.0.2
7-Zip 4.62        03.12.2009        
Acrobat.com    Adobe Systems Incorporated    05.12.2009        1.2.443
Adobe AIR    Adobe Systems Inc.    08.04.2010        1.5.3.9130
Adobe Creative Suite 4 Master Collection    Adobe Systems Incorporated    05.12.2009    933,4MB    4.0
Adobe Flash Player 10 ActiveX    Adobe Systems Incorporated    02.07.2010    6,00MB    10.1.53.64
Adobe Flash Player 10 Plugin    Adobe Systems Incorporated    27.08.2010    6,00MB    10.1.82.76
Adobe Media Player    Adobe Systems Incorporated    05.12.2009        1.1
Adobe Reader 9 - Deutsch    Adobe Systems Incorporated    02.12.2009    194,7MB    9.0.0
Age of Empires III    Microsoft Game Studios    19.12.2009    2.113,9MB    1.00.0000
Apple Application Support    Apple Inc.    11.09.2010    42,8MB    1.3.2
Apple Mobile Device Support    Apple Inc.    11.09.2010    20,1MB    3.2.0.47
Apple Software Update    Apple Inc.    11.09.2010    2,26MB    2.1.2.120
Avira AntiVir Premium    Avira GmbH    21.04.2010        10.0.0.603
Battlefield 2(TM)        10.12.2009        
Bonjour    Apple Inc.    11.09.2010    0,76MB    2.0.3.0
C-Media USB2.0 Card Reader        03.12.2009        
Canon IJ Network Scan Utility        11.09.2010        
Canon IJ Network Tool        11.09.2010        
Canon Kurzwahlprogramm        04.09.2010        
Canon MP Navigator EX 3.1        04.09.2010        
Canon MX340 series Benutzerregistrierung        04.09.2010        
Canon MX340 series MP Drivers        04.09.2010        
Canon Utilities Easy-PhotoPrint EX        04.09.2010        
Canon Utilities My Printer        04.09.2010        
CCleaner    Piriform    02.08.2010        2.34
Command & Conquer 3    Ihr Firmenname    26.12.2009    1.210,3MB    1.00.0000
Command & Conquer™ 3: Kanes Rache    Ihr Firmenname    26.12.2009    3.365,8MB    1.00.0000
Command & Conquer™ 4 Tiberian Twilight    Electronic Arts    02.08.2010    422,2MB    1.0.0.0
Counter-Strike 1.6        01.01.2010        1.00.0000
Creative ALchemy    Creative Technology Limited    17.02.2010        1.41
Creative Audio-Systemsteuerung    Creative Technology Limited    02.08.2010        2.00
Creative Konsole Starter    Creative Technology Limited    02.12.2009        
Creative Software AutoUpdate    Creative Technology Limited    02.08.2010        1.40
Crysis WARHEAD(R)    Electronic Arts    11.02.2010        
Crysis WARHEAD(R) Patch    Electronic Arts    11.02.2010        
Crysis(R)    Electronic Arts    01.01.2010    2.959,3MB    1.21.0000
CyberLink BD Advisor 2.0        17.02.2010        
CyberLink Blu-ray Disc Suite    CyberLink Corp.    17.02.2010    12,4MB    6.0.2201
CyberLink LabelPrint    CyberLink Corp.    17.02.2010        2.0.3301
CyberLink MediaShow    CyberLink Corp.    17.02.2010    186,9MB    4.1.2124
CyberLink Power2Go    CyberLink Corp.    17.02.2010    99,7MB    6.0.2221
CyberLink PowerDVD    CyberLink Corp.    17.02.2010        7.3.5711.1
CyberLink PowerProducer    CyberLink Corp.    17.02.2010    150,3MB    5.0819
CyberLink UDF Reader 5.0        17.02.2010        
DivX Converter    DivX, Inc.    30.06.2010        7.1.0
DivX Plus DirectShow Filters    DivX, Inc.    30.06.2010        
DivX-Setup    DivX, Inc.     03.09.2010        2.0.4.2
Easy Tune 6 B09.1120.1    GIGABYTE    08.01.2010    21,0MB    1.00.0000
Eigenschaften von Creative Sound Blaster    Creative Technology Limited    02.08.2010        1.02
Facebook Plug-In    Facebook, Inc.    19.06.2010        
Far Cry 2    Ubisoft    10.08.2010        1.03.00
Fraps (remove only)        12.12.2009        
Free Audio CD Burner version 1.4    DVDVideoSoft Limited.    02.08.2010    8,08MB    
Free YouTube to MP3 Converter version 3.7    DVDVideoSoft Limited.    02.08.2010    32,0MB    
Grand Theft Auto IV    Rockstar Games    10.12.2009        1.00.0000
Großer ADAC ReisePlaner 2008/2009        03.12.2009        
ICQ 7.2 Build #3129 Banner Remover 1.0    murb.com    27.06.2010    1,02MB    
ICQ7.2    ICQ    27.06.2010        7.2
iPhone Explorer    Marx Softwareentwicklung (Germany)    30.01.2010    4,79MB    0.9.0
iTunes    Apple Inc.    11.09.2010    135,9MB    10.0.0.68
James Cameron's AVATAR(tm): DAS SPIEL    Ubisoft    26.01.2010        1.02.00
Java(TM) 6 Update 17    Sun Microsystems, Inc.    02.12.2009    94,9MB    6.0.170
LexiROM 2.0        02.12.2009        
LG Tool Kit        17.02.2010        9.01.1124.01
LightScribe System Software    LightScribe    17.02.2010    24,0MB    1.18.8.1
Logitech GamePanel Software 3.06.109    Logitech Inc.    11.09.2010    17,6MB    3.06.109
Logitech SetPoint    Logitech    03.01.2010    17,00KB    4.80
Logitech Webcam Software    Logitech Inc.    23.07.2010        2.0
Logitech Webcam Software-Treiberpaket    Logitech Inc.    04.05.2010        12.10.1110
LogMeIn Hamachi    LogMeIn, Inc.    29.03.2010        2.0.2.85
Malwarebytes' Anti-Malware    Malwarebytes Corporation    11.09.2010    8,51MB    
Microsoft .NET Compact Framework 2.0 SP1    Microsoft Corporation    08.04.2010    91,0MB    2.0.6129
Microsoft .NET Framework 4 Client Profile    Microsoft Corporation    25.06.2010    38,8MB    4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack    Microsoft Corporation    25.06.2010    2,94MB    4.0.30319
Microsoft Games for Windows - LIVE    Microsoft Corporation    16.06.2010    7,86MB    3.3.24.0
Microsoft Games for Windows - LIVE Redistributable    Microsoft Corporation    16.06.2010    32,3MB    3.2.3.0
Microsoft Office Enterprise 2007    Microsoft Corporation    03.12.2009        12.0.6425.1000
Microsoft Office Live Add-in 1.5    Microsoft Corporation    16.06.2010    0,50MB    2.0.4024.1
Microsoft Rechner-Plus    Microsoft    02.12.2009    0,92MB    1.0.0
Microsoft Silverlight    Microsoft Corporation    16.06.2010    60,8MB    4.0.50524.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053    Microsoft Corporation    02.12.2009    0,25MB    8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    17.02.2010    2,69MB    8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148    Microsoft Corporation    02.12.2009    0,20MB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    02.12.2009    0,58MB    9.0.30729
Mozilla Firefox (3.6.8)    Mozilla    24.07.2010        3.6.8 (de)
MSXML 4.0 SP2 (KB954430)    Microsoft Corporation    04.12.2009    35,00KB    4.20.9870.0
MSXML 4.0 SP2 (KB973688)    Microsoft Corporation    04.12.2009    1,33MB    4.20.9876.0
Need For Speed SHIFT    Electronic Arts    26.12.2009        
Nero 9 Trial    Nero AG    17.02.2010        
NVIDIA Display Control Panel    NVIDIA Corporation    02.08.2010    129,0MB    6.14.12.5896
NVIDIA Drivers    NVIDIA Corporation    02.08.2010    67,5MB    1.10.62.40
NVIDIA ForceWare Network Access Manager    NVIDIA Corporation    02.12.2009    32,9MB    1.00.7316
NVIDIA Performance    NVIDIA Corporation    02.08.2010    23,4MB    6.5
NVIDIA PhysX    NVIDIA Corporation    29.08.2010    73,2MB    9.10.0513
NVIDIA Stereoscopic 3D Driver    NVIDIA Corporation    02.08.2010        7.17.12.5896
NVIDIA System Monitor    NVIDIA Corporation    02.08.2010    18,0MB    6.5
NVIDIA System Update    NVIDIA Corporation    02.08.2010    3,60MB    3.00
OpenAL        02.12.2009        
oZone3D.Net FurMark v1.7.0    oZone3D.Net    05.12.2009        
pdf24    PDF24.org    03.12.2009        
PunkBuster Services    Even Balance, Inc.    01.01.2010        0.986
QuickTime    Apple Inc.    11.09.2010    73,7MB    7.67.75.0
RealPlayer    RealNetworks    02.12.2009        
Realtek High Definition Audio Driver    Realtek Semiconductor Corp.    07.12.2009        6.0.1.5973
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition    Alexey Nicolaychuk    05.12.2009        v2.24 MSI Master Overclocking Arena 2009 edition
Rockstar Games Social Club    Rockstar Games    10.12.2009        1.00.0000
SiSoftware Sandra Lite 2010    SiSoftware    08.12.2009    67,7MB    16.11.2010.1
Skype™ 4.2    Skype Technologies S.A.    23.07.2010    31,7MB    4.2.169
SUPER © Version 2009.bld.36 (June 10, 2009)    eRightSoft    13.12.2009        Version 2009.bld.36 (June 10, 2009)
Tom Clancy's Splinter Cell Conviction    Ubisoft    31.05.2010        1.04.000
TuneUp Utilities    TuneUp Software    02.12.2009        9.0.2010.9
Ubisoft Game Launcher    UBISOFT    31.05.2010        1.0.0.0
Uninstall 1.0.0.1        02.08.2010    10,5MB    
Virtual DJ - Atomix Productions        14.12.2009        
VLC media player 1.0.3    VideoLAN Team    02.12.2009        1.0.3
WD Diagnostics    Western Digital Technologies    03.08.2010    0,81MB    1.09.0002
Winamp    Nullsoft, Inc    19.07.2010        5.581 
Winamp Erkennungs-Plug-in    Nullsoft, Inc    19.07.2010    75,00KB    1.0.0.1
Windows Live Essentials    Microsoft Corporation    02.12.2009        14.0.8089.0726
Windows Live ID-Anmelde-Assistent    Microsoft Corporation    16.06.2010    5,52MB    6.500.3165.0
Windows Live-Uploadtool    Microsoft Corporation    02.12.2009    0,22MB    14.0.8014.1029
Windows Media Player Firefox Plugin    Microsoft Corp    02.12.2009    0,29MB    1.0.0.8
WinRAR        02.12.2009        
WinZip 11.1    WinZip Computing, S.L.     02.12.2009    11,1MB    11.1.7466
         
gmer log

Code:
ATTFilter
GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-09-14 17:02:22
Windows 6.1.7600 
Running: gmer.exe; Driver: C:\Users\Marko\AppData\Local\Temp\awryyaog.sys


---- System - GMER 1.0.15 ----

INT 0x1F        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            83243AF8
INT 0x37        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            83243104
INT 0xC1        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            832433F4
INT 0xD1        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            8322C2D8
INT 0xD2        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            8322B898
INT 0xDF        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            832431DC
INT 0xE1        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            83243958
INT 0xE3        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            832436F8
INT 0xFD        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            83243F2C
INT 0xFE        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            832441A8

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwSaveKeyEx + 13AD                                                                                     82E5C599 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                              82E80F52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
?               System32\Drivers\spoz.sys                                                                                           Das System kann den angegebenen Pfad nicht finden. !
.text           USBPORT.SYS!DllUnload                                                                                               913AECA0 5 Bytes  JMP 86C7B1D8 
.text           aui70y7t.SYS                                                                                                        93F9B000 12 Bytes  CALL 7AE83327 
.text           aui70y7t.SYS                                                                                                        93F9B00D 9 Bytes  [C7, 22, 83, 48, EB, 22, 83, ...]
.text           aui70y7t.SYS                                                                                                        93F9B017 20 Bytes  [00, DE, B7, F8, 8B, E6, B5, ...]
.text           aui70y7t.SYS                                                                                                        93F9B02C 149 Bytes  [00, 00, 00, 00, D0, 71, E5, ...]
.text           aui70y7t.SYS                                                                                                        93F9B0C3 8 Bytes  [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text           ...                                                                                                                 
.text           peauth.sys                                                                                                          A882BC9D 28 Bytes  [5E, 00, AE, 55, A1, 57, 40, ...]
.text           peauth.sys                                                                                                          A882BCC1 28 Bytes  [5E, 00, AE, 55, A1, 57, 40, ...]
PAGE            peauth.sys                                                                                                          A8831E20 101 Bytes  [66, A1, 19, 11, 82, 36, E8, ...]
PAGE            peauth.sys                                                                                                          A883202C 102 Bytes  [01, F9, 99, 6C, 4E, C1, 7E, ...]
.text           D:\Programme\CyberLink\PowerDVD\000.fcl                                                                             section is writeable [0xA88F8000, 0x2892, 0xE8000020]
.vmp2           D:\Programme\CyberLink\PowerDVD\000.fcl                                                                             entry point in ".vmp2" section [0xA891B050]
?               \Programme\D-Tools\Engine.dll                                                                                       Das System kann den angegebenen Pfad nicht finden. !

---- User code sections - GMER 1.0.15 ----

.text           D:\Programme\Mozilla Firefox\plugin-container.exe[1092] USER32.dll!TrackPopupMenu                                   77234B3B 5 Bytes  JMP 6432098F D:\Programme\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text           D:\Programme\Mozilla Firefox\firefox.exe[2776] ntdll.dll!NtProtectVirtualMemory                                     77715380 5 Bytes  JMP 0019000A 
.text           D:\Programme\Mozilla Firefox\firefox.exe[2776] ntdll.dll!NtWriteVirtualMemory                                       77715F00 5 Bytes  JMP 001A000A 
.text           D:\Programme\Mozilla Firefox\firefox.exe[2776] ntdll.dll!KiUserExceptionDispatcher                                  77716448 5 Bytes  JMP 0016000A 
.text           D:\Programme\Mozilla Firefox\firefox.exe[2776] ntdll.dll!LdrLoadDll                                                 7772F625 5 Bytes  JMP 012013F0 D:\Programme\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text           C:\Windows\explorer.exe[4616] ntdll.dll!NtProtectVirtualMemory                                                      77715380 5 Bytes  JMP 001F000A 
.text           C:\Windows\explorer.exe[4616] ntdll.dll!NtWriteVirtualMemory                                                        77715F00 5 Bytes  JMP 0020000A 
.text           C:\Windows\explorer.exe[4616] ntdll.dll!KiUserExceptionDispatcher                                                   77716448 5 Bytes  JMP 001A000A 
.text           C:\Windows\system32\svchost.exe[5752] ntdll.dll!NtProtectVirtualMemory                                              77715380 5 Bytes  JMP 0038000A 
.text           C:\Windows\system32\svchost.exe[5752] ntdll.dll!NtWriteVirtualMemory                                                77715F00 5 Bytes  JMP 0039000A 
.text           C:\Windows\system32\svchost.exe[5752] ntdll.dll!KiUserExceptionDispatcher                                           77716448 5 Bytes  JMP 0037000A 
.text           C:\Windows\system32\svchost.exe[5752] ole32.dll!CoCreateInstance                                                    773257FC 5 Bytes  JMP 008F000A 
.text           C:\Windows\system32\svchost.exe[5752] USER32.dll!GetCursorPos                                                       7720C198 5 Bytes  JMP 00A5000A 

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar]                                            [8BE8F042] \SystemRoot\System32\Drivers\spoz.sys
IAT             \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar]                                           [8BE8F6D6] \SystemRoot\System32\Drivers\spoz.sys
IAT             \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort]                                    [8BE8F800] \SystemRoot\System32\Drivers\spoz.sys
IAT             \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort]                                     [8BE8F13E] \SystemRoot\System32\Drivers\spoz.sys
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortNotification]                                          00147880
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortQuerySystemTime]                                       78800C75
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortReadPortUchar]                                         06750015
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortStallExecution]                                        C25DC033
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortWritePortUchar]                                        458B0008
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortWritePortUlong]                                        6A006A08
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortGetPhysicalAddress]                                    50056A24
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong]                         005AB7E8
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortGetScatterGatherList]                                  0001B800
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortGetParentBusType]                                      C25D0000
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortRequestCallback]                                       CCCC0008
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortWritePortBufferUshort]                                 CCCCCCCC
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortGetUnCachedExtension]                                  CCCCCCCC
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortCompleteRequest]                                       CCCCCCCC
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortCopyMemory]                                            53EC8B55
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortEtwTraceLog]                                           800C5D8B
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests]                             7500117B
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb]                                127B806A
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb]                                  80647500
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortReadPortBufferUshort]                                  7500137B
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortInitialize]                                            157B805E
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortGetDeviceBase]                                         56587500
IAT             \SystemRoot\System32\Drivers\aui70y7t.SYS[ataport.SYS!AtaPortDeviceStateChange]                                     8008758B

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                              859491F8
Device          \Driver\usbohci \Device\USBPDO-0                                                                                    86C7C1F8
Device          \Driver\usbehci \Device\USBPDO-1                                                                                    86A871F8
Device          \Driver\usbohci \Device\USBPDO-2                                                                                    86C7C1F8
Device          \Driver\usbehci \Device\USBPDO-3                                                                                    86A871F8
Device          \Driver\sptd \Device\257802016                                                                                      spoz.sys
Device          \Driver\volmgr \Device\HarddiskVolume1                                                                              859451F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\volmgr \Device\HarddiskVolume2                                                                              859451F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\cdrom \Device\CdRom0                                                                                        86AAA500
Device          \Driver\volmgr \Device\HarddiskVolume3                                                                              859451F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\atapi \Device\Ide\IdePort0                                                                                  859471F8
Device          \Driver\atapi \Device\Ide\IdePort1                                                                                  859471F8
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-2                                                                         859471F8
Device          \Driver\NetBT \Device\NetBT_Tcpip_{AC144823-F474-49DE-991A-FB2148ECCBA1}                                            86BC41F8
Device          \Driver\volmgr \Device\HarddiskVolume4                                                                              859451F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\volmgr \Device\HarddiskVolume5                                                                              859451F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume5                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\volmgr \Device\HarddiskVolume6                                                                              859451F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume6                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\PCI_PNP8016 \Device\00000069                                                                                spoz.sys
Device          \Driver\volmgr \Device\HarddiskVolume7                                                                              859451F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume7                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                             86BC41F8
Device          \Driver\volmgr \Device\HarddiskVolume8                                                                              859451F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume8                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\volmgr \Device\HarddiskVolume9                                                                              859451F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume9                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\NetBT \Device\NetBT_Tcpip_{E7E4CB07-0008-45AC-A96C-15E6D252AFE5}                                            86BC41F8
Device          \Driver\ACPI_HAL \Device\0000005f                                                                                   halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device          \Driver\usbohci \Device\USBFDO-0                                                                                    86C7C1F8
Device          \Driver\usbehci \Device\USBFDO-1                                                                                    86A871F8
Device          \Driver\usbohci \Device\USBFDO-2                                                                                    86C7C1F8
Device          \Driver\usbehci \Device\USBFDO-3                                                                                    86A871F8
Device          \Driver\volmgr \Device\HarddiskVolume10                                                                             859451F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume10                                                                             fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\aui70y7t \Device\Scsi\aui70y7t1                                                                             86E443A8
Device           -> \Driver\atapi \Device\Harddisk0\DR0                                                                             86B54EC5

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1                                                                  771343423
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2                                                                  285507792
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0                                                                  1
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 D:\Programme\D-Tools\
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0xD4 0xC3 0x97 0x02 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x2F 0xC8 0xB4 0x22 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0x1A 0xE8 0x5E 0x96 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x71 0x50 0x01 0xB1 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     D:\Programme\D-Tools\
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0xD4 0xC3 0x97 0x02 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x2F 0xC8 0xB4 0x22 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0x1A 0xE8 0x5E 0x96 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x71 0x50 0x01 0xB1 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version                                          
Reg             HKLM\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version@Version                                  0xC4 0x50 0x5E 0x1D ...

---- Files - GMER 1.0.15 ----

File            C:\Windows\system32\drivers\atapi.sys                                                                               suspicious modification

---- EOF - GMER 1.0.15 ----
         

Miniaturansicht angehängter Grafiken
Windows Update und Windows Gadgets durch Virus blockiert-unbenannt.jpg  

Alt 14.09.2010, 19:23   #6
kira
/// Helfer-Team
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



- Punkt 3. fehlt noch:-> http://www.trojaner-board.de/90678-w...tml#post567361

ausserdem:

** Update Malwarebytes Anti-Malware, lass es nochmal anhand der folgenden Anleitung laufen:
  • per Doppelklick starten.
  • gleich mal die Datenbanken zu aktualisieren - online updaten
  • Vollständiger Suchlauf wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • alle Funde bis auf - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Malwarebytes Anti-Malware

Alt 14.09.2010, 21:38   #7
Spladdy
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



hey,

ich habe den suchslauf von mbam nun auf C und D komplett laufen lassen, F bis H ist bei mir nur ablagefläche, wo nur spiele, mp3 und tools drauf sind. Hoffe das reicht dir soweit DANKE NOCHMAL dass du soviel mühe machst !!

hier noch Punkt 3 im anhang (lässt sich leider nicht in code schreiben und auch nicht als txt anhängen..bringt mir dann immer "seite kann nicht angezeigt werden" =/ musste es zippen)

Alt 14.09.2010, 22:45   #8
Spladdy
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4613

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

14.09.2010 23:43:28
mbam-log-2010-09-14 (23-43-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 415445
Laufzeit: 1 Stunde(n), 9 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
         
sorry für doppelpost, war zu langsam füredit -.-

Alt 15.09.2010, 20:34   #9
kira
/// Helfer-Team
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



1.
starte HijackThis--> wähle Open the Misc Tools section --> dann Delete a file on reboot... --> wähle die zu löschende Datei (sehe der Inhalt dieser Code-Box), die Frage zum Neustart mit NEIN beantworten, wieder Delete a file on reboot wählen, nächste Datei auswählen usw., bis Du die letzte Datei ausgewählt hast, nun antwortest du auf die Frage zum Neustart mit JA
>> Text kopieren und einfügen (oder "Durchsuchen")::
Code:
ATTFilter
C:\Windows\system32\ssprs.tgz 
C:\Windows\system32\ssprs.dll 
C:\Windows\system32\lsprst7.tgz 
C:\Windows\system32\lsprst7.dll
         
2.
einige unnötig, andere schädlich deswegen...
- unter Start->Programme-> Zubehör-> Systemprogramme-> geplante Tasks (Anleitung-> Ändern geplanter Tasks in Windows XP und dort auch einfach löschen:
Code:
ATTFilter
C:\Windows\Tasks\{0573519D-DF95-4934-9530-B23267EACD99}.job 
C:\Windows\Tasks\PDVDServ.EXE_20100218_205409_0682.job 
C:\Windows\Tasks\brs.exe_20100218_205404_0673.job 
C:\Windows\Tasks\PDVDServ.EXE_20100218_183235_0816.job 
C:\Windows\Tasks\brs.exe_20100218_183231_0539.job 
C:\Windows\Tasks\{12739128-407D-4DB8-80B3-577F199F1572}.job 
C:\Windows\Tasks\{D8514EF7-1317-480C-A975-389FDA41E8A8}.job 
C:\Windows\Tasks\{6FC708E8-D1A8-4975-864D-F5194212C43A}.job 
C:\Windows\Tasks\{5438C122-0EC3-4ECF-B357-4D3F4CA1A8BB}.job
         
3.
→ besuche die Seite von virustotal und die Datei/en aus Codebox bitte prüfen lassen - inklusive Dateigröße und Name, MD5 und SHA1 auch mitkopieren:
Tipps für die Suche nach Dateien
Code:
ATTFilter
C:\Windows\system32\drivers\atapi.sys   
         
→ Klicke auf "Durchsuchen"
→ Suche die Datei auf deinem Rechner→ Doppelklick auf die zu prüfende Datei (oder kopiere den Inhalt ab aus der Codebox)
→ "Senden der Datei" und Warte, bis der Scandurchlauf aller Virenscanner beendet ist
das Ergebnis wie Du es bekommst (NICHT AUSLASSEN!) da reinkoperen (inklusive <geprüfter Dateiname> + Dateigröße und Name, MD5 und SHA1)

** Beispiel - das zu postende Logfile von Virustotal soll so wie hier aussehen Also nicht auslassen, sondern wie Du es bekommst da reinkopieren!:
Code:
ATTFilter
Datei <hier kommt die Dateiname> empfangen 2009.xx.xx xx:xx:xx (CET)
Antivirus	Version	letzte aktualisierung	Ergebnis
a-squared	4.0.0.73	2009.01.28	-
AhnLab-V3	5.0.0.2	2009.01.28	-
AntiVir	7.9.0.60	2009.01.28	-
Authentium	5.1.0.4	2009.01.27	-

...über 40 Virenscannern...also Geduld!!
         

Alt 16.09.2010, 13:51   #10
Spladdy
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



alle dateien, die du beschrieben hast entfernt

hier das virustotal log :

Code:
ATTFilter
File name:
atapi.sys
Submission date:
2010-09-16 12:38:31 (UTC)
Current status:
queued (#1) queued (#1) analysing finished
Result:
1/ 41 (2.4%)
	
VT Community

not reviewed
 Safety score: - 
Compact
Print results
Antivirus 	Version 	Last Update 	Result
AhnLab-V3	2010.09.16.01	2010.09.16	-
AntiVir	8.2.4.52	2010.09.16	-
Antiy-AVL	2.0.3.7	2010.09.16	-
Authentium	5.2.0.5	2010.09.16	-
Avast	4.8.1351.0	2010.09.16	-
Avast5	5.0.594.0	2010.09.16	-
AVG	9.0.0.851	2010.09.16	-
BitDefender	7.2	2010.09.16	-
CAT-QuickHeal	11.00	2010.09.16	-
ClamAV	0.96.2.0-git	2010.09.16	-
Comodo	6097	2010.09.16	-
DrWeb	5.0.2.03300	2010.09.16	-
Emsisoft	5.0.0.37	2010.09.16	-
eSafe	7.0.17.0	2010.09.15	Win32.TrojanHorse
eTrust-Vet	36.1.7859	2010.09.16	-
F-Prot	4.6.1.107	2010.09.16	-
F-Secure	9.0.15370.0	2010.09.16	-
Fortinet	4.1.143.0	2010.09.16	-
GData	21	2010.09.16	-
Ikarus	T3.1.1.88.0	2010.09.16	-
Jiangmin	13.0.900	2010.09.16	-
K7AntiVirus	9.63.2522	2010.09.15	-
Kaspersky	7.0.0.125	2010.09.16	-
McAfee	5.400.0.1158	2010.09.16	-
McAfee-GW-Edition	2010.1C	2010.09.16	-
NOD32	5454	2010.09.16	-
nProtect	2010-09-16.02	2010.09.16	-
Panda	10.0.2.7	2010.09.16	-
PCTools	7.0.3.5	2010.09.16	-
Prevx	3.0	2010.09.16	-
Rising	22.65.03.04	2010.09.16	-
Sophos	4.57.0	2010.09.16	-
Sunbelt	6882	2010.09.16	-
SUPERAntiSpyware	4.40.0.1006	2010.09.16	-
Symantec	20101.1.1.7	2010.09.16	-
TheHacker	6.7.0.0.020	2010.09.16	-
TrendMicro	9.120.0.1004	2010.09.16	-
TrendMicro-HouseCall	9.120.0.1004	2010.09.16	-
VBA32	3.12.14.0	2010.09.16	-
ViRobot	2010.8.25.4006	2010.09.16	-
VirusBuster	12.65.8.0	2010.09.15	-
Additional information
Show all
MD5   : 338c86357871c167a96ab976519bf59e
SHA1  : e99e20970139fb1e67bbc54fa8a61c18a4fce36e
SHA256: f28cc534523d1701b0552f5d7e18e88369c4218bdb1f69110c3e31d395884ad6
         

Alt 17.09.2010, 07:45   #11
kira
/// Helfer-Team
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



Falls das Problem weiterhin besteht:
- Wenn du einen sauberen Systempunkt hast, wähle ihn aus, das erspart Dir die langwierigen Reinigungsmethoden, ist zumindest einen Versuch wert!:

Zitat:
Windows ME,XP, Vista und Win7 enthält ein Programm zur Systemwiederherstellung (Damit lässt sich das System auf einen früheren Zeitpunkt zurücksetzen ,wo noch alles einwandfrei funktioniert. Die Systemwiederherstellung betrifft nur Systemeinstellungen.(programme die in der zwischenzeit installiert wurden gehen dabei verloren. man kann diesen vorgang auch wieder rückgängig machen, sollte man keinen erfolg damit erzielt haben.)
Du findest das Programm zur Systemwiederherstellung : Start/Programme/Zubehör/Systemprogramme/Systemwiederherstellung
Setz doch dein Windows über die Systemwiederherstellung ganz zurück (falls nötig kannst Du es im abgesicherten Modus auch tun :
(drücke beim Hochfahren des Rechners [F8] solange, bis du eine Auswahlmöglichkeit hast, da "abgesicherten Modus " wählen)
- berichte ob du damit Erfolg hast
- auch, ob die SWH funktioniert hat, bzw ob Du das System auf einen früheren Wiederherstellungspunkt zurückstellen können?
(Kannst noch immer bis zum heutigen Zeitpunkt rückgängig machen, falls liefert nicht das gewünschte Ergebnis)
► Da die SWH nur ein Notlösung ist und/oder die Systemwiederherstellung ist nicht durchführbar, Rückmeldung erwünscht

Alt 17.09.2010, 12:49   #12
Spladdy
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



systemwiederhestellung durchgeführt..
windwos gadgets funktionieren wieder... allerdings macht das windows update immernoch den fehlercode 80072EFD =(

Alt 19.09.2010, 07:50   #13
kira
/// Helfer-Team
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



zunächst die Schritte 1-4 erneut bitte abarbeiten:-> http://www.trojaner-board.de/90678-w...tml#post567361

Alt 19.09.2010, 17:21   #14
Spladdy
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



[CODE]
RSIT Logfile:
Code:
ATTFilter
Logfile of random's system information tool 1.08 (written by random/random)
Run by xxx at 2010-09-19 18:16:18
Microsoft Windows 7 Home Premium  
System drive C: has 100 GB (66%) free of 150 GB
Total RAM: 3327 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:16:29, on 19.09.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
D:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\Ctxfihlp.exe
D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
D:\Programme\RocketDock\RocketDock.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
F:\Logitech\G15\NM Monitor\nmmonitor.exe
D:\Programme\RivaTuner\RivaTuner.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUMonitor.gadget\GPUMonitor.exe
D:\Programme\Microsoft Office\Office12\OUTLOOK.EXE
D:\Programme\Mozilla Firefox\firefox.exe
C:\Users\Marko\Desktop\Help\RSIT.exe
C:\Program Files\trend micro\Marko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Programme\Real\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [avgnt] "D:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RivaTuner] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /T
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Programme\RivaTuner\RivaTunerWrapper.exe" /S
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKCU\..\Run: [RocketDock] "D:\Programme\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O4 - Startup: nmmonitor.exe - Verknüpfung.lnk = F:\Logitech\G15\NM Monitor\nmmonitor.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Marko\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{AC144823-F474-49DE-991A-FB2148ECCBA1}: NameServer = 192.168.2.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Programme\Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

--
End of file - 13741 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Automatische Wartung.job
C:\Windows\tasks\SidebarExecute.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - D:\Programme\Real\rpbrowserrecordplugin.dll [2009-12-03 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Programme\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - D:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=D:\Programme\Avira\AntiVir Desktop\avgnt.exe [2010-03-26 282792]
"RivaTuner"=D:\Programme\RivaTuner\RivaTunerWrapper.exe [2009-08-22 24576]
"RivaTunerStartupDaemon"=D:\Programme\RivaTuner\RivaTunerWrapper.exe [2009-08-22 24576]
""= []
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 55824]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2010-05-05 25600]
"Malwarebytes' Anti-Malware"=D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-09-28 140640]
"Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2010-08-03 358472]
"Launch LCDMon"=C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2010-08-03 1809992]
"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2010-08-03 3649096]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=D:\Programme\RocketDock\RocketDock.exe [2007-09-02 495616]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
D:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-06-19 640440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
D:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2010-06-19 38840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-12-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE [2008-08-15 378224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-09-04 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
D:\Programme\CyberLink\Power2Go\CLMLSvc.exe [2008-07-18 104936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Programme\D-Tools\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
E:\Spiele\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
D:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\Programme\ICQ7.2\ICQ.exe [2010-06-28 133368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
D:\Programme\ICQLite\ICQLite.exe -minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Programme\iTunes\iTunesHelper.exe [2010-09-01 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
D:\Programme\CyberLink\PowerDVD\Language\Language.exe [2009-04-16 62760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
C:\Program Files\lg_fwupdate\fwupdate.exe [2010-02-18 557056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Webcam\Logitech WebCam Software\LWS.exe /hide []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
D:\Programme\Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NM Monitor]
F:\Logitech\G15\NM Monitor\nmmonitor.exe [2010-04-26 1810432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
D:\Programme\CyberLink\PowerDVD\PDVDServ.exe [2009-04-16 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-12-03 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
D:\Programme\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-02-21 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
D:\Programme\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-09-24 210216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
D:\Programme\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
D:\Programme\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [2008-10-20 210216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk]
C:\PROGRA~1\Logitech\Webcam\LOGITE~1\eReg.exe /remind /language=DEU /_WFM=. []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
D:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Programme\Logitech\SetPoint\SetPoint.exe

C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
nmmonitor.exe - Verknüpfung.lnk - F:\Logitech\G15\NM Monitor\nmmonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2009-07-20 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRecentDocsNetHood"=1
"NoDrives"=0x00000000
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-17 14:18:30 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-16 16:17:32 ----D---- C:\ProgramData\Sun
2010-09-16 16:17:31 ----D---- C:\Program Files\Common Files\Java
2010-09-16 16:17:26 ----A---- C:\Windows\system32\javaws.exe
2010-09-16 16:17:26 ----A---- C:\Windows\system32\javaw.exe
2010-09-16 16:17:26 ----A---- C:\Windows\system32\java.exe
2010-09-16 16:17:26 ----A---- C:\Windows\system32\deployJava1.dll
2010-09-16 16:16:07 ----D---- C:\Program Files\QuickTime
2010-09-14 16:41:07 ----D---- C:\Program Files\trend micro
2010-09-14 16:41:05 ----D---- C:\rsit
2010-09-12 13:44:52 ----D---- C:\Program Files\iPod
2010-09-12 13:42:39 ----D---- C:\Program Files\Apple Software Update
2010-09-12 13:41:54 ----D---- C:\Program Files\Bonjour
2010-09-12 13:13:01 ----A---- C:\Windows\system32\CNMXLMA5.DLL
2010-09-12 10:31:34 ----A---- C:\Windows\system32\o4Patch.exe
2010-09-11 18:56:47 ----D---- C:\Users\Marko\AppData\Roaming\citidcgjg
2010-09-10 16:30:38 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-09-10 16:30:38 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-09-10 00:04:54 ----D---- C:\Program Files\Avira
2010-09-09 22:01:07 ----D---- C:\Users\Marko\AppData\Roaming\vnckrnaux
2010-09-09 22:00:37 ----D---- C:\Users\Marko\AppData\Roaming\E7270447A11B5D97670355A83EA350FD
2010-09-05 18:01:02 ----D---- C:\Users\Marko\AppData\Roaming\Canon
2010-09-05 17:42:10 ----A---- C:\Windows\system32\SETC52D.tmp
2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNHMCA.dll
2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340U.dll
2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340L.dll
2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340I.dll
2010-09-05 17:42:08 ----A---- C:\Windows\system32\CNC340C.dll
2010-09-05 17:38:49 ----D---- C:\Program Files\Common Files\CANON
2010-09-05 17:37:25 ----HD---- C:\ProgramData\CanonBJ
2010-09-05 17:37:18 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2010-09-05 17:37:05 ----A---- C:\Windows\system32\CNMLMA5.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkUS.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTW.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTR.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkTH.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkSE.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkRU.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkPT.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkPL.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkNO.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkNL.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkKR.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkJP.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkIT.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkID.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkHU.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkGR.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkFR.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkFI.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkES.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkDK.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkDE.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkCZ.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkCN.DLL
2010-09-05 17:37:00 ----A---- C:\Windows\system32\CNCFLkAR.DLL
2010-09-05 17:36:59 ----A---- C:\Windows\system32\CNCFMSk.EXE
2010-09-05 17:36:59 ----A---- C:\Windows\system32\CNCF2Lk.DLL
2010-09-05 17:36:51 ----A---- C:\Windows\system32\CNMIUA5.DLL
2010-09-05 17:36:40 ----HD---- C:\Program Files\CanonBJ
2010-09-05 17:36:31 ----D---- C:\Windows\system32\STRING
2010-09-05 17:36:31 ----A---- C:\Windows\system32\CNMNPUI.DLL
2010-09-05 17:36:31 ----A---- C:\Windows\system32\CNMNPPM.DLL
2010-09-05 17:36:30 ----D---- C:\Windows\system32\CHM
2010-09-05 17:34:41 ----D---- C:\Program Files\Canon
2010-08-30 23:12:10 ----N---- C:\Windows\system32\oleaut32.dll
2010-08-30 23:12:10 ----A---- C:\Windows\system32\oleaut32(815).dll
2010-08-30 19:08:13 ----D---- C:\Users\Marko\AppData\Roaming\NVIDIA
2010-08-30 19:07:46 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-08-30 19:07:46 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-08-30 19:07:45 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-08-30 19:07:45 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-08-30 19:07:45 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-08-30 19:07:45 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-08-29 19:58:01 ----RA---- C:\Windows\system32\AdobePDFUI.dll

======List of files/folders modified in the last 1 months======

2010-09-19 18:16:28 ----D---- C:\Windows\Temp
2010-09-19 18:09:19 ----D---- C:\ProgramData\NVIDIA
2010-09-19 18:09:14 ----D---- C:\Windows\system32\logishrd
2010-09-17 14:31:47 ----D---- C:\Windows\winsxs
2010-09-17 14:31:33 ----D---- C:\Windows\system32\config
2010-09-17 14:30:23 ----D---- C:\Windows\System32
2010-09-17 14:18:43 ----D---- C:\Windows
2010-09-17 14:18:33 ----D---- C:\Windows\system32\catroot
2010-09-17 14:18:26 ----SHD---- C:\System Volume Information
2010-09-17 14:17:32 ----D---- C:\Windows\SoftwareDistribution
2010-09-17 14:05:31 ----SHD---- C:\Windows\Installer
2010-09-17 14:05:11 ----SHD---- C:\Config.Msi
2010-09-17 14:00:29 ----D---- C:\Windows\system32\drivers
2010-09-17 13:46:34 ----D---- C:\Users
2010-09-17 12:15:01 ----D---- C:\Users\Marko\AppData\Roaming\ICQ
2010-09-16 21:18:45 ----A---- C:\Windows\ULead32.ini
2010-09-16 17:12:29 ----D---- C:\Users\Marko\AppData\Roaming\Skype
2010-09-16 16:22:31 ----D---- C:\Users\Marko\AppData\Roaming\skypePM
2010-09-16 16:17:32 ----D---- C:\ProgramData
2010-09-16 16:17:31 ----D---- C:\Program Files\Common Files
2010-09-16 16:16:07 ----D---- C:\Program Files
2010-09-16 14:37:16 ----D---- C:\Windows\Tasks
2010-09-16 14:24:25 ----D---- C:\Windows\system32\catroot2
2010-09-15 08:38:28 ----D---- C:\Windows\registration
2010-09-13 23:49:15 ----D---- C:\Windows\AppPatch
2010-09-13 23:46:58 ----D---- C:\Windows\system32\LogFiles
2010-09-12 13:58:59 ----D---- C:\Boot
2010-09-12 13:44:52 ----D---- C:\Program Files\Common Files\Apple
2010-09-12 13:42:33 ----D---- C:\Windows\inf
2010-09-12 13:42:17 ----D---- C:\Windows\system32\DriverStore
2010-09-12 13:29:53 ----D---- C:\Windows\Minidump
2010-09-12 13:15:45 ----D---- C:\ProgramData\Logitech
2010-09-12 13:12:32 ----D---- C:\Windows\twain_32
2010-09-12 13:07:26 ----D---- C:\Users\Marko\AppData\Roaming\Taypy
2010-09-12 13:04:15 ----D---- C:\Windows\system32\wbem
2010-09-12 13:03:11 ----D---- C:\Windows\system32\wfp
2010-09-12 13:03:10 ----D---- C:\Windows\system32\Tasks
2010-09-12 13:03:06 ----D---- C:\Windows\system32\CodeIntegrity
2010-09-12 13:03:05 ----D---- C:\Windows\Media
2010-09-12 13:03:05 ----D---- C:\Windows\Downloaded Program Files
2010-09-12 13:03:05 ----D---- C:\Users\Marko\AppData\Roaming\Winamp
2010-09-12 13:03:05 ----D---- C:\Users\Marko\AppData\Roaming\Kaam
2010-09-12 13:03:00 ----D---- C:\ProgramData\DivX
2010-09-12 13:03:00 ----D---- C:\ProgramData\Apple Computer
2010-09-12 13:02:58 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-12 13:02:57 ----D---- C:\Program Files\DVDVideoSoft
2010-09-12 13:02:57 ----D---- C:\Program Files\DivX
2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\Logishrd
2010-09-12 13:02:57 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-09-12 13:02:55 ----D---- C:\NVIDIA
2010-09-12 13:01:41 ----D---- C:\Users\Marko\AppData\Roaming\Adobe
2010-09-12 13:01:34 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-09-10 18:39:46 ----D---- C:\Windows\Sun
2010-09-10 17:46:07 ----D---- C:\Windows\debug
2010-09-04 13:07:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-02 17:10:49 ----D---- C:\ProgramData\Adobe
2010-08-30 19:07:59 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-30 19:07:37 ----D---- C:\Windows\assembly
2010-08-26 14:40:34 ----A---- C:\Windows\system32\authuitu(812).dll
2010-08-26 14:40:24 ----A---- C:\Windows\system32\uxtuneup(813).dll
2010-08-25 18:16:50 ----A---- C:\Windows\SurCode.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 CLBStor;CyberLink InstantBurn UDF Reader Help Driver; C:\Windows\system32\drivers\CLBStor.sys [2008-10-20 10368]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-02-06 44608]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-03 691696]
R1 avgio;avgio; \??\D:\Programme\Avira\AntiVir Desktop\avgio.sys [2009-12-03 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-26 124784]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 hwinterface;hwinterface; C:\Windows\System32\Drivers\hwinterface.sys [2009-12-03 2996]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-12-03 28520]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-12-14 73312]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-03-26 60936]
R2 CLBUDFR;CyberLink UDF Filesystem; C:\Windows\system32\drivers\CLBUDFR.sys [2008-10-20 154368]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 vcs;vcs; \??\D:\Programme\AV VCS 3.0 Gold\vcs.sys [2003-04-30 6852]
R3 CMISTOR;CMIUCR.SYS CM320/CM220 Card Reader Driver; C:\Windows\system32\DRIVERS\cmiucr.SYS [2007-09-10 95616]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2010-05-05 171096]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-05-05 511064]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-05-05 526296]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2010-05-05 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2010-05-05 72792]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-05-05 14424]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-05-05 158808]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-05-05 95832]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2010-05-05 1178200]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2010-05-07 25824]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2010-05-15 276448]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [2005-01-31 22016]
R3 LVUVC;Logitech Webcam Pro 9000(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-04-29 20952]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-07-30 287392]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM; C:\Windows\system32\DRIVERS\nvoclock.sys [2009-09-15 38248]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-24 15872]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-05-05 130136]
R3 RivaTuner32;RivaTuner32; \??\D:\Programme\RivaTuner\RivaTuner32.sys [2009-08-22 9088]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AODDriver;AODDriver; \??\C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [2009-02-23 7168]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2010-05-05 171096]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2010-05-05 347144]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2010-05-05 1324120]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2010-05-05 72792]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2010-01-09 17488]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-03-06 17488]
S3 GVTDrv;GVTDrv; \??\C:\Windows\system32\Drivers\GVTDrv.sys [2010-03-06 24944]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-11-03 2790048]
S3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-09-08 1063712]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
S3 SANDRA;SANDRA; \??\D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x86\Sandra.sys [2009-08-08 23112]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirMailService;Avira AntiVir MailGuard; D:\Programme\Avira\AntiVir Desktop\avmailc.exe [2010-04-19 337064]
R2 AntiVirSchedulerService;Avira AntiVir Planer; D:\Programme\Avira\AntiVir Desktop\sched.exe [2010-03-26 135336]
R2 AntiVirService;Avira AntiVir Guard; D:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-04-19 267432]
R2 AntiVirWebService;Avira AntiVir WebGuard; D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [2010-04-19 405672]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-08-10 387616]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Programme\Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648]
R2 MBAMService;MBAMService; D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 178720]
R2 nTuneService;Performance Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2010-03-22 191080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-08-11 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-08-11 107832]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-26 1051968]
R2 UpdateCenterService;Update Center Service; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2009-11-06 195176]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-12-14 288112]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-02-18 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-12-03 79360]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-06 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; D:\Programme\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe [2009-08-24 93336]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-11-15 320760]
S3 TuneUp.Defrag;@D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-09-11 435008]

-----------------EOF-----------------
         
--- --- ---


Code:
ATTFilter
3DMark06	Futuremark	04.12.2009		1.0.2
7-Zip 4.62				
Acrobat.com	Adobe Systems Incorporated			1.2.443
Adobe AIR	Adobe Systems Inc.			1.5.3.9130
Adobe Creative Suite 4 Master Collection	Adobe Systems Incorporated			4.0
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated			10.1.53.64
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated			10.1.82.76
Adobe Media Player	Adobe Systems Incorporated			1.1
Adobe Reader 9 - Deutsch	Adobe Systems Incorporated	03.12.2009		9.0.0
Age of Empires III	Microsoft Game Studios	20.12.2009		1.00.0000
Apple Application Support	Apple Inc.	12.09.2010		1.3.2
Apple Mobile Device Support	Apple Inc.	12.09.2010		3.2.0.47
Apple Software Update	Apple Inc.	12.09.2010		2.1.2.120
Avira AntiVir Premium	Avira GmbH			10.0.0.603
Battlefield 2(TM)		11.12.2009		
Bonjour	Apple Inc.	12.09.2010		2.0.3.0
C-Media USB2.0 Card Reader				
Canon IJ Network Scan Utility				
Canon IJ Network Tool				
Canon Kurzwahlprogramm				
Canon MP Navigator EX 3.1				
Canon MX340 series Benutzerregistrierung				
Canon MX340 series MP Drivers				
Canon Utilities Easy-PhotoPrint EX				
Canon Utilities My Printer				
CCleaner	Piriform			2.34
Command & Conquer 3	Ihr Firmenname	27.12.2009		1.00.0000
Command & Conquer™ 3: Kanes Rache	Ihr Firmenname	27.12.2009		1.00.0000
Command & Conquer™ 4 Tiberian Twilight	Electronic Arts	03.08.2010		1.0.0.0
Counter-Strike 1.6				1.00.0000
Creative ALchemy	Creative Technology Limited			1.41
Creative Audio-Systemsteuerung	Creative Technology Limited			2.00
Creative Konsole Starter	Creative Technology Limited			
Creative Software AutoUpdate	Creative Technology Limited			1.40
Crysis WARHEAD(R)	Electronic Arts			
Crysis WARHEAD(R) Patch	Electronic Arts			
Crysis(R)	Electronic Arts	02.01.2010		1.21.0000
CyberLink BD Advisor 2.0				
CyberLink Blu-ray Disc Suite	CyberLink Corp.	18.02.2010		6.0.2201
CyberLink LabelPrint	CyberLink Corp.			2.0.3301
CyberLink MediaShow	CyberLink Corp.	18.02.2010		4.1.2124
CyberLink Power2Go	CyberLink Corp.	18.02.2010		6.0.2221
CyberLink PowerDVD	CyberLink Corp.			7.3.5711.1
CyberLink PowerProducer	CyberLink Corp.	18.02.2010		5.0819
CyberLink UDF Reader 5.0				
DivX Converter	DivX, Inc.			7.1.0
DivX Plus DirectShow Filters	DivX, Inc.			
DivX-Setup	DivX, Inc. 			2.0.4.2
Easy Tune 6 B09.1120.1	GIGABYTE	09.01.2010		1.00.0000
Eigenschaften von Creative Sound Blaster	Creative Technology Limited			1.02
Facebook Plug-In	Facebook, Inc.			
Far Cry 2	Ubisoft	11.08.2010		1.03.00
Fraps (remove only)				
Free Audio CD Burner version 1.4	DVDVideoSoft Limited.	03.08.2010		
Free YouTube to MP3 Converter version 3.7	DVDVideoSoft Limited.	03.08.2010		
Grand Theft Auto IV	Rockstar Games	11.12.2009		1.00.0000
Großer ADAC ReisePlaner 2008/2009		04.12.2009		
ICQ 7.2 Build #3129 Banner Remover 1.0	murb.com	28.06.2010		
ICQ7.2	ICQ	28.06.2010		7.2
iPhone Explorer	Marx Softwareentwicklung (Germany)	31.01.2010		0.9.0
iTunes	Apple Inc.	12.09.2010		10.0.0.68
James Cameron's AVATAR(tm): DAS SPIEL	Ubisoft	27.01.2010		1.02.00
Java(TM) 6 Update 21	Sun Microsystems, Inc.	03.12.2009		6.0.210
LexiROM 2.0				
LG Tool Kit				9.01.1124.01
LightScribe System Software	LightScribe	18.02.2010		1.18.8.1
Logitech GamePanel Software 3.06.109	Logitech Inc.	12.09.2010		3.06.109
Logitech SetPoint	Logitech	04.01.2010		4.80
Logitech Webcam Software	Logitech Inc.			2.0
Logitech Webcam Software-Treiberpaket	Logitech Inc.			12.10.1110
LogMeIn Hamachi	LogMeIn, Inc.			2.0.2.85
Malwarebytes' Anti-Malware	Malwarebytes Corporation	12.09.2010		
Microsoft .NET Compact Framework 2.0 SP1	Microsoft Corporation	09.04.2010		2.0.6129
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation			4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation			4.0.30319
Microsoft Games for Windows - LIVE	Microsoft Corporation	17.06.2010		3.3.24.0
Microsoft Games for Windows - LIVE Redistributable	Microsoft Corporation	17.06.2010		3.2.3.0
Microsoft Office Enterprise 2007	Microsoft Corporation			12.0.6425.1000
Microsoft Office Live Add-in 1.5	Microsoft Corporation	17.06.2010		2.0.4024.1
Microsoft Rechner-Plus	Microsoft	03.12.2009		1.0.0
Microsoft Silverlight	Microsoft Corporation	17.06.2010		4.0.50524.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	03.12.2009		8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	18.02.2010		8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	03.12.2009		9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	03.12.2009		9.0.30729
Mozilla Firefox (3.6.10)	Mozilla			3.6.10 (de)
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	05.12.2009		4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	05.12.2009		4.20.9876.0
Need For Speed SHIFT	Electronic Arts	27.12.2009		
Nero 9 Trial	Nero AG	18.02.2010		
NVIDIA Display Control Panel	NVIDIA Corporation			6.14.12.5896
NVIDIA Drivers	NVIDIA Corporation			1.10.62.40
NVIDIA ForceWare Network Access Manager	NVIDIA Corporation	03.12.2009		1.00.7316
NVIDIA Performance	NVIDIA Corporation	03.08.2010		6.5
NVIDIA PhysX	NVIDIA Corporation	30.08.2010		9.10.0513
NVIDIA Stereoscopic 3D Driver	NVIDIA Corporation			7.17.12.5896
NVIDIA System Monitor	NVIDIA Corporation	03.08.2010		6.5
NVIDIA System Update	NVIDIA Corporation	03.08.2010		3.00
OpenAL				
oZone3D.Net FurMark v1.7.0	oZone3D.Net	06.12.2009		
pdf24	PDF24.org	04.12.2009		
PunkBuster Services	Even Balance, Inc.			0.986
QuickTime	Apple Inc.	16.09.2010		7.68.75.0
RealPlayer	RealNetworks			
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	08.12.2009		6.0.1.5973
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition	Alexey Nicolaychuk			v2.24 MSI Master Overclocking Arena 2009 edition
Rockstar Games Social Club	Rockstar Games	11.12.2009		1.00.0000
SiSoftware Sandra Lite 2010	SiSoftware	09.12.2009		16.11.2010.1
Skype™ 4.2	Skype Technologies S.A.	24.07.2010		4.2.169
SUPER © Version 2009.bld.36 (June 10, 2009)	eRightSoft			Version 2009.bld.36 (June 10, 2009)
Tom Clancy's Splinter Cell Conviction	Ubisoft	01.06.2010		1.04.000
TuneUp Utilities	TuneUp Software			9.0.2010.9
Ubisoft Game Launcher	UBISOFT	01.06.2010		1.0.0.0
Uninstall 1.0.0.1		03.08.2010		
Virtual DJ - Atomix Productions				
VLC media player 1.0.3	VideoLAN Team			1.0.3
WD Diagnostics	Western Digital Technologies	04.08.2010		1.09.0002
Winamp	Nullsoft, Inc			5.581 
Winamp Erkennungs-Plug-in	Nullsoft, Inc	20.07.2010		1.0.0.1
Windows Live Essentials	Microsoft Corporation			14.0.8089.0726
Windows Live ID-Anmelde-Assistent	Microsoft Corporation	17.06.2010		6.500.3165.0
Windows Live-Uploadtool	Microsoft Corporation	03.12.2009		14.0.8014.1029
Windows Media Player Firefox Plugin	Microsoft Corp	03.12.2009		1.0.0.8
WinRAR				
WinZip 11.1	WinZip Computing, S.L. 	03.12.2009		11.1.7466
         

Alt 20.09.2010, 06:38   #15
kira
/// Helfer-Team
 
Windows Update und Windows Gadgets durch Virus blockiert - Standard

Windows Update und Windows Gadgets durch Virus blockiert



hi

1.
** Update Malwarebytes Anti-Malware, lass es nochmal anhand der folgenden Anleitung laufen:
  • per Doppelklick starten.
  • gleich mal die Datenbanken zu aktualisieren - online updaten
  • Vollständiger Suchlauf wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • alle Funde bis auf - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Malwarebytes Anti-Malware


Achtung!:
>>Du sollst die Programme nicht installieren, sondern dein System nur online scannen<<

2.
→ Den kompletten Rechner (also das ganze System) zu überprüfen (Systemprüfung ohne Säuberung) mit Kaspersky Online Scanner/klicke hier
→ um mit dem Vorgang fortzufahren klicke auf "Accept"
→ dann wähle "My computer" aus - Es dauert einige Zeit, bis ein Komplett-Scan durch gelaufen ist, also bitte um Geduld!
Es kann einige Zeit dauern, bis der Scan abgeschlossen ist - je nach Größe der Festplatte eine oder mehrere Stunden - also Geduld...
→ Report angezeigt, klicke auf "Save as" - den bitte kopieren und in deinem Thread hier einfügen
Vor dem Scan Einstellungen im Internet Explorer:
→ "Extras→ InternetoptionenSicherheit":
→ alles auf Standardstufe stellen
Active X erlauben - damit die neue Virendefinitionen installiert werden können

3.
Führe dann einen Komplett-Systemcheck mit Nod32 - die Scanergebnis als *.txt Dateien speichern)
- (ESET Online Scanner (Sicherheitseinstellungen wie unter Punkt 1.)
Speichere und Poste bitte das Logfile
Du musst einen Haken bei "Remove found threads" und "Scan archives" setzen

Antwort

Themen zu Windows Update und Windows Gadgets durch Virus blockiert
32-bit, antivir, antivir guard, avira, bho, blockiert, bonjour, c:\windows\system32\rundll32.exe, cc cleaner, converter, desktop, fehlermeldung, firefox, hijack, hijackthis, hkus\s-1-5-18, home, hängen, internet explorer, launch, monitor, mozilla, performance, plug-in, rundll, senden, software, system, virus, windows




Ähnliche Themen: Windows Update und Windows Gadgets durch Virus blockiert


  1. 2x | Windows Update Agent blockiert den Speicher!
    Mülltonne - 29.10.2015 (2)
  2. Probleme durch aktuelles Windows Update?
    Alles rund um Windows - 18.10.2015 (6)
  3. Windows 8.1 Start durch Update Installation scheinbar eingefroren
    Log-Analyse und Auswertung - 29.06.2015 (3)
  4. Windows 7 SP1: MSE durch Gruppenrichtlinie blockiert / Windows Defender nicht aktivierbar
    Log-Analyse und Auswertung - 20.11.2014 (8)
  5. Windows zerschossen durch Virenscanner-Update
    Antiviren-, Firewall- und andere Schutzprogramme - 20.11.2014 (3)
  6. ständiger Virenbefall mit Windows XP dank Update Einstellung durch Microsoft
    Antiviren-, Firewall- und andere Schutzprogramme - 11.10.2014 (5)
  7. Windows 7: Rootkit durch Avast Internet Security blockiert und in Virus Container verschoben
    Log-Analyse und Auswertung - 30.05.2014 (26)
  8. Windows 7 Meldung Win32/Small-CA Virus entfernen, AntiVir findet nichts, Windows Update und Defender funktionieren nicht mehr
    Log-Analyse und Auswertung - 20.11.2013 (15)
  9. Windows XP Update: 100% CPU durch svhost
    Log-Analyse und Auswertung - 14.09.2013 (5)
  10. Windows Update läuft nicht durch
    Alles rund um Windows - 09.05.2012 (0)
  11. Windows blockiert,schwarzer Bildschirm,50€ update
    Log-Analyse und Auswertung - 16.02.2012 (3)
  12. Windows blockiert, 50 Euro Update
    Log-Analyse und Auswertung - 15.02.2012 (15)
  13. Windows blockiert mit Verweis auf kostentenpflichtiges Update
    Plagegeister aller Art und deren Bekämpfung - 12.02.2012 (14)
  14. Windows Update und Windows Gadgets durch Virus blockiert
    Mülltonne - 16.09.2010 (2)
  15. Sicherheitslücke durch Windows-Update?
    Plagegeister aller Art und deren Bekämpfung - 13.10.2004 (10)
  16. backdoor durch windows update!!!!!!
    Plagegeister aller Art und deren Bekämpfung - 16.03.2003 (46)

Zum Thema Windows Update und Windows Gadgets durch Virus blockiert - Hallo zusammen, es ist zwar Sonntag, aber ich muss euch leider mit meinen "wehwehchen" nerven. Ich hatte gestern einen Fraud.sysguard infekt, den ich durch Malewarebythes, Spybot und Antivir gelöscht habe - Windows Update und Windows Gadgets durch Virus blockiert...
Archiv
Du betrachtest: Windows Update und Windows Gadgets durch Virus blockiert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.