| |
| |||||||
Log-Analyse und Auswertung: Internet Explorer läuft im Hintergrung und zeigt pop-ups (IQ-Test, Online Poker, ...)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.07.2010, 15:27
| #1 |
| |  Internet Explorer läuft im Hintergrung und zeigt pop-ups (IQ-Test, Online Poker, ...) Hallo. Ich benutze auschliesslich Firefox. Trotzdem läuft seit einigen Tagen eine Instanz von IE im Hintergrund. Ab und an kommt ein Popup im IE mit Werbung für IQ-Test, Online Poker, etc. Hife ist sehr willkommen. Hier die Logs: info.txt logfile of random's system information tool 1.08 2010-07-14 15:47:20 ======Uninstall list====== -->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\Programme\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\SETUP.exe -l0x0007 -removeonly -->C:\Programme\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\SETUP.exe -l0x0007 -removeonly -->C:\WINDOWS\IsUn0407.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 32 Bit HP CIO Components Installer-->MsiExec.exe /I{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D} 3DMiracle & 3DMonster toolkit (remove only)-->"C:\Programme\USL\3DMiracle\uninstall.exe" Access Help-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C6FA39A7-26B1-480A-BC74-6D17531AC222}\Setup.exe" -l0x7 UNINSTALL ActivePerl 5.10.1 Build 1007-->MsiExec.exe /I{F7B9B60F-DBB3-4116-967B-BA93E278331E} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin Adobe Reader 7.1.0 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A71000000002} Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe" Anzeige am Bildschirm-->rundll32.exe "C:\Programme\Lenovo\HOTKEY\cleanup.dll",InfUninstall DefaultUninstall.XP 132 C:\Programme\Lenovo\HOTKEY\tphk_tp.inf Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} ATI - Dienstprogramm zur Deinstallation der Software-->C:\Programme\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x5c00 ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class  ISPLAY -cleanATI HYDRAVISION-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe" AVI2ISO 2.10.00 - RC1-->MsiExec.exe /I{C927D25E-4508-43EA-8024-58D6172C413B} AviSynth 2.5-->"C:\Programme\AviSynth 2.5\Uninstall.exe" Batch Picture Protector 2.0-->"C:\Programme\Batch Picture Protector\unins000.exe" BitPim 1.0.6-->"C:\Programme\BitPim\unins000.exe" Canon CanoScan Toolbox 4.9-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}\Setup.exe" -l0x7 anything Canon ScanGear Starter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\SETUP.EXE" -l0x7 anything Catalyst Control Center - Branding-->MsiExec.exe /I{57FA0525-01F9-4051-8DE9-CBF43CAC68D9} CCleaner-->"C:\Programme\CCleaner\uninst.exe" Cisco Systems VPN Client 5.0.04.0300-->MsiExec.exe /X{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD} Client Security Solution-->MsiExec.exe /I{48227AEB-DC8E-4A90-A274-0B4A39D699B1} CLUE Classic-->C:\PROGRA~1\GAMEHO~1\CLUECL~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\CLUECL~1\INSTALL.LOG Compatibility Pack für 2007 Office System-->MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE} Cross+A-->C:\Programme\CrossA\uninstall.exe DATA BECKER Stream Catcher 2 FREE-->"C:\Programme\DATA BECKER\Stream Catcher 2 FREE\unins000.exe" Dienstprogramm 'ThinkPad-Tastaturanpassung'-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2111B23F-7FDA-4A41-8309-E5A1663CA296}\Setup.exe" -l0x7 anything Diskeeper Lite-->MsiExec.exe /X{796E076A-82F7-4D49-98C8-DEC0C3BC733A} DVD Shrink 3.2-->"C:\Programme\DVD Shrink\unins000.exe" Ergänzung zu Productivity Center für ThinkPad-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D728E945-256D-4477-B377-6BBA693714AC}\setup.exe" -l0x7 -AddRemove FLV to AVI MPEG WMV 3GP MP4 iPod Converter 3.9.1108-->"C:\Programme\FLV to AVI MPEG WMV 3GP MP4 iPod Converter\unins000.exe" Free FLV Converter V 6.6.4-->"C:\Programme\Free FLV Converter\unins000.exe" Funktion "TrackPoint-Eingabehilfen"-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EA664480-3844-11D5-8C25-444553540000}\Setup.exe" GIMP 2.6.7-->"C:\Programme\GIMP-2.0\setup\unins000.exe" GnuWin32: Grep-2.5.4-->"C:\Programme\GnuWin32\uninstall\unins000.exe" Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Help Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{986F64DC-FF15-449D-998F-EE3BCEC6666A}\SETUP.EXE" -l0x7 -AddRemove HijackThis 2.0.2-->"I:\down\hijackthis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Hotfix für Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix für Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Hotfix für Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Hotfix für Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Hotfix für Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Hotfix für Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" HP Deskjet D1600 Printer Driver Software 13.0 Rel .6-->C:\Programme\HP\Digital Imaging\{2CD0168D-FBBC-4667-8810-105CB6EC6348}\setup\hpzscr01.exe -datfile hphscr33.dat -onestop -forcereboot hp LaserJet 1150 / 1300-->MsiExec.exe /x {1485B7CD-4CBD-4039-8EAE-5A22993D7F54} HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1} IBM Tivoli Storage Manager Client-->MsiExec.exe /I{DC8B8F84-FC23-47C6-B5F4-F0AEC59D5481} Intel PROSet Wireless-->Intel PROSet Wireless Intel(R) Network Connections Drivers-->Prounstl.exe InterVideo WinDVD Creator 3-->"C:\Programme\InstallShield Installation Information\{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}\setup.exe" REMOVEALL InterVideo WinDVD-->"C:\Programme\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL IvanView-->"C:\Programme\IvanView\uninstall.exe" Java 2 Runtime Environment, SE v1.4.2_19-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142190} Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF} Kerio MailServer 6.7 Administration-->MsiExec.exe /X{2E515E87-521B-43A6-AFDD-5FC7B30B2627} LANconfig-->C:\Programme\LANCOM\setup.exe /remove:LANconfig LANmonitor/WLANmonitor-->C:\Programme\LANCOM\setup.exe /remove:LANmonitor Lenovo System Interface Driver-->RunDll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.NTx86 130 C:\Programme\Lenovo\SMIIF\lnvsmi.inf Lenovo ThinkVantage Toolbox-->C:\Programme\PC-Doctor\uninst.exe Logitech Harmony Remote Software 7-->C:\Programme\InstallShield Installation Information\{5C6F884D-680C-448B-B4C9-22296EE1B206}\Setup.exe -runfromtemp -l0x0007 -removeonly Maintenance Manager-->Rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\AWAYTASK.INF Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe" MD5 Checksum Verifier 3.1-->"C:\Programme\MD5 Checksum Verifier\unins000.exe" Message Center Plus-->MsiExec.exe /X{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A} Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4} Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU-->MsiExec.exe /I{9309DD7E-EBFE-3C95-8B47-30D3A012F606} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 German Language Pack-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 German Language Pack\setup.exe Microsoft .NET Framework 3.0 German Language Pack-->MsiExec.exe /X{F2A7F421-1679-48D5-B918-96999014ED53} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9} Microsoft Office Visio Professional 2003-->MsiExec.exe /I{90510409-6000-11D3-8CFE-0150048383C9} Microsoft Office Visio Viewer 2007-->MsiExec.exe /I{95120000-0052-0407-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} MINICLIP The Scruffs-->"C:\Programme\The_Scruffs\uninstall.exe" Mobile Modem Assistant-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A6B7B910-69BE-4873-8CA8-B5C37BAFE9F4}\Setup.exe" -l0x7 Mobile Phone Manager-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{938D9C57-3CF0-4DA8-B04E-EF99501859B5} /l1031 Mozilla Firefox (3.5.10)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} Norton Internet Security-->C:\Programme\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\17.7.0.12\InstStub.exe /X OpenVPN 2.0.9-gui-1.0.3-->C:\Programme\OpenVPN\Uninstall.exe OziExplorer 3.95-->"c:\Programms\OziExplorer\unins000.exe" Picasa 2-->"C:\Programme\Picasa2\Uninstall.exe" PixiePack Codec Pack-->MsiExec.exe /I{582610B8-E496-4813-993C-4B027173FE38} Pocket Stars-->MsiExec.exe /I{416777F0-72FE-4AB9-BBA0-B8B1C3CED9E7} Präsentationsdirektor-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{65706020-7B6F-41F2-8047-FC69579E386A}\SETUP.EXE" -l0x7 -AddRemove Protect Disc License Helper 1.0.118-->C:\Programme\ProtectDisc\License Helper\uninst.exe ProtectDisc Driver, Version 11-->C:\Programme\ProtectDisc Driver Installer\uninstall_v11.exe PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u QPST-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{31228E31-2BFF-11D2-8866-00805F0D9D40}\Setup.exe" -uninst Quake Live Mozilla Plugin-->MsiExec.exe /I{0B533F34-22BA-4301-BAF8-EA1CEDB06F9E} QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68} RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382} RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629} RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205} Remote Control USB Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{8471021C-F529-43DE-84DF-3612E10F58C4}\setup.exe" -l0x9 -removeonly Remove Multimedia Center-->C:\swtools\apps\MMCfTO\customiz\sequencer.exe -fc:\swtools\apps\MMCfTO\customiz\uninst.seq Rescue and Recovery Critical Patch for Windows Update (KB917422)-->MsiExec.exe /X{83E5061B-A69A-46AD-A780-1DA6569FF283} Rescue and Recovery-->MsiExec.exe /I{7726CF62-7B45-4E6D-9266-615346816BCA} Security Task Manager 1.7h-->C:\Programme\Security Task Manager\Uninstal.exe "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Security Task Manager" Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Sicherheitsupdate für Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe" SmartSync-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{5B12573C-9C90-4790-BFEE-2BC43C2EB997}\Setup.exe" UNINSTALL Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Sonic Icons for Lenovo-->MsiExec.exe /I{B334D9AE-1393-423E-97C0-3BDC3360E692} Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} SoundMAX-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x7 -removeonly SpywareBlaster 4.3-->"C:\Programme\SpywareBlaster\unins000.exe" Stellaris 1.40-->MsiExec.exe /I{72124829-4B9D-4476-BB5A-A958BC0FEC53} Stellarium 0.10.4-->"C:\Programme\Stellarium\unins000.exe" System Migration Assistant-->MsiExec.exe /X{9EA84FDD-CCC0-47FD-A993-923165BEA47A} System Update-->MsiExec.exe /X{8675339C-128C-44DD-83BF-0A5D6ABD8297} Tales of Monkey Island - Lair of the Leviathan-->C:\Programme\Telltale Games\Tales of Monkey Island\UNINSTALL_MonkeyIsland103.exe Tales of Monkey Island - Launch of the Screaming Narwhal-->C:\Programme\Telltale Games\Tales of Monkey Island\UNINSTALL_MonkeyIsland101.exe Tales of Monkey Island - Rise of the Pirate God-->C:\Programme\Telltale Games\Tales of Monkey Island\UNINSTALL_MonkeyIsland105.exe Tales of Monkey Island - The Trial and Execution of Guybrush Threepwood-->C:\Programme\Telltale Games\Tales of Monkey Island\UNINSTALL_MonkeyIsland104.exe The BankRobber-->MsiExec.exe /I{96F0A92D-7029-4452-A100-C78322F943B7} ThinkPad Bluetooth with Enhanced Data Rate Software-->MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679} ThinkPad Energie-Manager-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}\SETUP.EXE" -l0x7 -AddRemove ThinkPad FullScreen Magnifier-->rundll32.exe "C:\Programme\Lenovo\ZOOM\cleanup.dll",InfUninstall DefaultUninstall 132 C:\Programme\Lenovo\Zoom\TpScrex.inf ThinkPad Modem-->C:\Programme\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588\UIU32m.exe -U -ITkp0588k.INF ThinkPad PC Card Power Policy-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUnInstall 132 C:\SWTOOLS\OSFIXES\PCMCIAPW\pcmciapw.inf ThinkPad Power Management Driver-->RunDll32.exe tpinspm.dll,Uninstall ThinkPad UltraNav Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall ThinkPad UltraNav Utility-->"C:\Programme\InstallShield Installation Information\{17CBC505-D1AE-459D-B445-3D2000A85842}\setup.exe" -runfromtemp -l0x0007 /zUNINSTALL -removeonly ThinkPad-Dienstprogramm 'EasyEject'-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1297C681-92D7-40EF-93BF-03F66EC5105C}\SETUP.EXE" -l0x7 -AddRemove ThinkPad-Konfiguration-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FC081D4D-DF1B-4CF1-B530-027E4118D846}\setup.exe" -l0x7 -AddRemove ThinkPad-UltraNav-Assistent-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}\SETUP.EXE" -l0x7 UNINSTALL ThinkVantage Access Connections-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7EB114D8-207F-45AE-BABD-1669715F2630}\setup.exe" -l0x7 anything ThinkVantage Fingerprint Software-->MsiExec.exe /I{6CE851D7-DD98-489A-9227-5BBE08E7064B} ThinkVantage Productivity Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}\setup.exe" -l0x7 -AddRemove ThinkVantage System für aktiven Festplattenschutz-->MsiExec.exe /X{46A84694-59EC-48F0-964C-7E76E9F8A2ED} ThinkVantage Technologies Welcome Message-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1007F41F-7D69-468E-8017-3849A5A973C2}\SETUP.EXE" -l0x7 anything Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update für Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe" Update für Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe" Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update für Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update für Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update für Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update für Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" VideoLAN VLC media player 0.8.6f-->C:\Programme\VideoLAN\VLC\uninstall.exe Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VMware Remote Console Plug-in-->MsiExec.exe /X{D2F28E39-9813-41D3-8EC9-BAADA38C426D} VMware Workstation-->MsiExec.exe /I{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA} Wallpapers-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}\Setup.exe" -l0x7 UNINSTALL Watermark-->MsiExec.exe /I{36132C2B-4043-46F6-982A-E1D2A8B3F18D} Wichtiges Update für Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401} Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52} Windows Live Toolbar-->"C:\Programme\Windows Live Toolbar\UnInstall.exe" {10DDCDDD-9A59-4496-9371-C17F1668D433} Windows Live Toolbar-->MsiExec.exe /X{10DDCDDD-9A59-4496-9371-C17F1668D433} Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe" Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows Presentation Foundation Language Pack (DEU)-->MsiExec.exe /X{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790} Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows Vista Upgrade Advisor-->MsiExec.exe /I{C6AA3FB7-804F-4808-AD91-B62D6ED9B788} Windows Workflow Foundation DE Language Pack-->MsiExec.exe /I{7228FD8C-3B9E-4204-AE36-8A466107685B} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Wings 3D 1.2-->C:\Programme\wings3d_1.2\Uninstall.exe WinRAR archiver-->C:\Programme\WinRAR\uninstall.exe WinStars 2.0-->"C:\Programme\WinStars2\unins000.exe" XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" XP Themes-->MsiExec.exe /I{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4} XviD MPEG-4 Video Codec rev.1.2.0.-->"C:\Programme\XviD MPEG-4 Video Codec 1.2.0\unins000.exe" Youda Farmer-->"C:\WINDOWS\Youda Farmer\uninstall.exe" "/U:C:\Programme\Youda Farmer\Uninstall\uninstall.xml" Youda Legend - The Curse of the Amsterdam Diamond 1.00-->C:\Programme\Games\Youda Legend - The Curse of the Amsterdam Diamond\Uninstall.exe ======Hosts File====== 127.0.0.1 localhost ======Security center information====== AV: Norton Internet Security (disabled) FW: Norton Internet Security (disabled) ======System event log====== Computer Name: PC Event Code: 8 Message: Der Drucker "Auto Microsoft XPS Document Writer on PC (von PC1)" wurde geräumt. Record Number: 29184 Source Name: Print Time Written: 20100516131843.000000+120 Event Type: Warnung User: NT-AUTORITÄT\SYSTEM Computer Name: PC Event Code: 3 Message: Der Drucker "Microsoft XPS Document Writer (von PC1)" wurde gelöscht. Record Number: 29183 Source Name: Print Time Written: 20100516131843.000000+120 Event Type: Warnung User: NT-AUTORITÄT\SYSTEM Computer Name: PC Event Code: 4 Message: Das Löschen des Druckers "Microsoft XPS Document Writer (von PC1)" steht noch aus. Record Number: 29182 Source Name: Print Time Written: 20100516131843.000000+120 Event Type: Warnung User: NT-AUTORITÄT\SYSTEM Computer Name: PC Event Code: 8 Message: Der Drucker "Microsoft XPS Document Writer (von PC1)" wurde geräumt. Record Number: 29181 Source Name: Print Time Written: 20100516131843.000000+120 Event Type: Warnung User: NT-AUTORITÄT\SYSTEM Computer Name: PC Event Code: 3 Message: Der Drucker "Auto Microsoft XPS Document Writer on PC (von PC1)" wurde gelöscht. Record Number: 29180 Source Name: Print Time Written: 20100516122301.000000+120 Event Type: Warnung User: NT-AUTORITÄT\SYSTEM =====Application event log===== Computer Name: PC Event Code: 1517 Message: Die Registrierung des Benutzers "PC\xy" wurde gespeichert, obwohl eine Anwendung oder ein Dienst auf die Registrierung während der Abmeldung zugegriffen hat. Der von der Registrierung des Benutzers verwendete Speicher wurde nicht freigegeben. Der Upload der Registrierung wird durchgeführt, wenn diese nicht mehr verwendet wird. Dies wird oft durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen Sie diese so zu Konfigurieren, dass sie unter den Konten "Lokaler Dienst" oder "Netzwerkdienst" ausgeführt werden. Record Number: 9563 Source Name: Userenv Time Written: 20091128124230.000000+060 Event Type: Warnung User: NT-AUTORITÄT\SYSTEM Computer Name: PC Event Code: 35 Message: Record Number: 9562 Source Name: Norton AntiVirus Time Written: 20091128122523.000000+060 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: PC Event Code: 34 Message: Record Number: 9561 Source Name: Norton AntiVirus Time Written: 20091128122523.000000+060 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: PC Event Code: 0 Message: Record Number: 9560 Source Name: gupdate Time Written: 20091128122330.000000+060 Event Type: Informationen User: Computer Name: PC Event Code: 1800 Message: Der Windows-Sicherheitscenterdienst wurde gestartet. Record Number: 9559 Source Name: SecurityCenter Time Written: 20091128122309.000000+060 Event Type: Informationen User: ======Environment variables====== "CLASSPATH"=.;C:\Programme\Java\j2re1.4.2_19\lib\ext\QTJava.zip "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "NUMBER_OF_PROCESSORS"=2 "OS"=Windows_NT "Path"=C:\Perl\site\bin;C:\Perl\bin;C:\Programme\ThinkPad\Utilities;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Diskeep er Corporation\Diskeeper\;C:\Programme\Gemeinsame Dateien\Lenovo;C:\Programme\Lenovo\Client Security Solution;C:\Programme\ATI Technologies\ATI.ACE\Core-Static;C:\Programme\ThinkPad\ConnectUtilities;C:\Programme\QuickTime\QTSystem\;C:\Programme\Intel\WiFi\bin\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 12, GenuineIntel "PROCESSOR_LEVEL"=6 "PROCESSOR_REVISION"=0e0c "QTJAVA"=C:\Programme\Java\j2re1.4.2_19\lib\ext\QTJava.zip "RR"=C:\Programme\Lenovo\Rescue and Recovery "SMA"=C:\Programme\ThinkVantage\SMA\ "SonicCentral"=C:\Programme\Gemeinsame Dateien\Sonic Shared\Sonic Central\ "SWSHARE"=C:\SWSHARE "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "TPCCommon"=C:\PROGRA~1\THINKV~2\PrdCtr "TVT"=C:\Programme\Lenovo "TVTCOMMON"=C:\Programme\Gemeinsame Dateien\Lenovo "TVTPYDIR"=C:\Programme\Gemeinsame Dateien\Lenovo\Python24 "windir"=%SystemRoot% "TSMPATH"=C:\Program Files\ThinkPad\UltraNav Utility -----------------EOF----------------- Logfile of random's system information tool 1.08 (written by random/random) Run by xy at 2010-07-14 15:47:07 Microsoft Windows XP Professional Service Pack 3 System drive C: has 2 GB (4%) free of 45 GB Total RAM: 2046 MB (45% free) HijackThis download failed ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\Auf Updates für Windows Live Toolbar prüfen.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\MP Scheduled Scan.job C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job C:\WINDOWS\tasks\PMTask.job C:\WINDOWS\tasks\SystemToolsDailyTest.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-11 308832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-02-02 110652] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Symantec NCO BHO - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-13 394608] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\Programme\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL [2010-05-14 79224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] Windows Live Toolbar Helper - C:\Programme\Windows Live Toolbar\msntb.dll [2007-02-12 546672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F040E541-A427-4CF7-85D8-75E3E0F476C5}] CPwmIEBrowserHelper Object - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2006-07-14 719616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Programme\Windows Live Toolbar\msntb.dll [2007-02-12 546672] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Programme\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-13 394608] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "PWRMGRTR"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor [] "BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog [] "EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2009-12-01 256576] "TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2009-12-11 337256] "SoundMAX"=C:\Programme\Analog Devices\SoundMAX\Smax4.exe [2005-05-06 716800] "DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2006-02-02 122940] "SoundMAXPnP"=C:\Programme\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696] "LPManager"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [2009-07-23 185688] "LPMailChecker"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe [2009-07-23 124248] "ACWLIcon"=C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe [2010-03-01 181608] "TPHOTKEY"=C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe [2009-12-21 69568] "TPFNF7"=C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe [2010-03-26 62312] "SynTPEnh"=C:\Programme\Synaptics\SynTP\SynTPEnh.exe [2009-12-03 1594664] "Windows Defender"=C:\Programme\Windows Defender\MSASCui.exe [2006-11-03 866584] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe [2010-03-01 181608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMSG] C:\Programme\ThinkVantage\AMSG\Amsg.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AwaySch] C:\Programme\Lenovo\AwayTask\AwaySch.EXE [2006-11-07 91688] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth] C:\Programme\Lenovo\Client Security Solution\cssauth.exe [2006-07-14 2341632] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Digimarc Watermark Initializer] C:\Programme\Digimarc\Reader For Images\WMInit.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray] C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-05-18 196696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe /CHECKNOW [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe [2004-07-27 81920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe [2009-07-23 124248] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [2009-07-23 185688] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Message Center Plus] C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\openvpn-gui] C:\Programme\OpenVPN\bin\openvpn-gui.exe [2005-08-18 99328] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDService.exe] C:\Programme\Lenovo\SafeGuard PrivateDisk\pdservice.exe [2006-03-13 41472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe [2006-03-16 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Programme\QuickTime\QTTask.exe [2009-05-26 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartSync - ScheduleSync] C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE [2006-02-02 45056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-29 61440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient] C:\Programme\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe [2009-10-11 149280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe [2009-12-03 1594664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe [2009-12-03 128296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup] C:\Programme\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TP4EX] C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe [2009-12-21 69568] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe [2006-06-02 856064] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPKMAPMN] C:\Programme\ThinkPad\Utilities\TpKmapMn.exe [2006-06-02 36864] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tunebite] C:\Programme\RapidSolution\Tunebite\Tunebite.exe -tray [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify] C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll [2010-03-01 32768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2009-09-29 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AwayNotify] C:\Programme\Lenovo\AwayTask\AwayNotify.dll [2006-08-16 49152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus] C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll [2009-12-01 100104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli psqlpwd ACGina C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "EditLevel"=0 "NoRun"=0 "NoClose"=0 "NoCommonGroups"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Programme\LANCOM\LANconfig\lanconf.exe"="C:\Programme\LANCOM\LANconfig\lanconf.exe:*:Enabled:LANconfig" "C:\Programme\LANCOM\LANmonitor\lanmon.exe"="C:\Programme\LANCOM\LANmonitor\lanmon.exe:*:Enabled:LANmonitor/WLANmonitor" "C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:Programm zur Dateiübertragung" "C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:* isabled:@xpsp2res.dll,-22019""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\Vuze\Azureus.exe"="C:\Programme\Vuze\Azureus.exe:* isabled:Azureus""C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "C:\xampplite\apache\bin\apache.exe"="C:\xampplite\apache\bin\apache.exe:*:Enabled:Apache HTTP Server" "C:\xampplite\mysql\bin\mysqld.exe"="C:\xampplite\mysql\bin\mysqld.exe:*:Enabled:mysqld" "I:\xampplite\apache\bin\apache.exe"="I:\xampplite\apache\bin\apache.exe:*:Enabled:Apache HTTP Server" "I:\xampplite\mysql\bin\mysqld.exe"="I:\xampplite\mysql\bin\mysqld.exe:*:Enabled:mysqld" "C:\Programme\VMware\VMware Workstation\vmware-authd.exe"="C:\Programme\VMware\VMware Workstation\vmware-authd.exe:*:Enabled:VMware Authd" "C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS15.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS15.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS16.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS16.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS25.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS25.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS12.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS12.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS14.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS14.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS17.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS17.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS19.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS19.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS1B.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS1B.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS10.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS10.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS13.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\xy\Lokale Einstellungen\Temp\7zS13.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Programme\HP\Digital Imaging\bin\hpqste08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Programme\HP\Digital Imaging\bin\hposid01.exe"="C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Programme\HP\Digital Imaging\bin\hpoews01.exe"="C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe" "C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe" "C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe" "C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe" "C:\Programme\HP\HP Software Update\HPWUCli.exe"="C:\Programme\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe" "C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7" "C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Programme\HP\Digital Imaging\bin\hpqste08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Programme\HP\Digital Imaging\bin\hposid01.exe"="C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Programme\HP\Digital Imaging\bin\hpoews01.exe"="C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Programme\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe" "C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe" "C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Programme\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe" "C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Programme\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe" "C:\Programme\HP\HP Software Update\HPWUCli.exe"="C:\Programme\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe" "C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Programme\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe" ======List of files/folders created in the last 1 months====== 2010-07-14 15:47:07 ----D---- C:\rsit 2010-07-14 15:47:07 ----D---- C:\Programme\trend micro 2010-07-14 12:35:28 ----D---- C:\Dokumente und Einstellungen\xy\Anwendungsdaten\Malwarebytes 2010-07-14 12:35:13 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2010-07-14 12:35:12 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2010-07-14 12:35:11 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2010-07-14 12:35:09 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2010-07-14 11:31:46 ----D---- C:\Programme\CCleaner 2010-07-14 04:25:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$ 2010-07-13 14:52:43 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan 2010-07-13 14:52:38 ----D---- C:\Programme\Security Task Manager 2010-07-12 23:20:20 ----N---- C:\WINDOWS\system32\MpSigStub.exe 2010-07-12 23:19:44 ----D---- C:\Programme\Windows Defender 2010-07-12 18:59:07 ----ASH---- C:\hiberfil.sys 2010-07-12 18:22:31 ----D---- C:\Programme\SpywareBlaster 2010-07-12 13:00:29 ----D---- C:\WINDOWS\Minidump 2010-07-12 12:56:00 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys 2010-07-12 10:41:21 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft 2010-07-10 00:03:55 ----D---- C:\Programme\Spybot - Search & Destroy 2010-07-10 00:03:55 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy 2010-07-07 12:48:40 ----D---- C:\Dokumente und Einstellungen\xy\Anwendungsdaten\DivX 2010-07-07 12:45:59 ----D---- C:\Programme\DivX 2010-07-07 12:45:50 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX 2010-06-25 02:30:06 ----D---- C:\spoolerlogs 2010-06-18 19:39:51 ----D---- C:\Dokumente und Einstellungen\xy\Anwendungsdaten\Update 2010-06-18 19:33:00 ----D---- C:\Programme\PC-Doctor 2010-06-18 14:12:37 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL 2010-06-18 14:12:37 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2010-06-18 14:12:36 ----D---- C:\Programme\Gemeinsame Dateien\Symantec Shared 2010-06-18 14:11:22 ----D---- C:\Programme\Norton Internet Security 2010-06-18 14:10:10 ----D---- C:\Programme\NortonInstaller 2010-06-18 13:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$ 2010-06-18 13:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$ 2010-06-18 13:47:11 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$ 2010-06-18 13:43:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$ 2010-06-18 13:43:45 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$ 2010-06-18 13:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$ ======List of files/folders modified in the last 1 months====== 2010-07-14 15:47:07 ----RD---- C:\Programme 2010-07-14 15:44:54 ----D---- C:\WINDOWS\Temp 2010-07-14 13:34:11 ----D---- C:\Programme\Mozilla Firefox 2010-07-14 13:03:35 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-07-14 12:56:23 ----SD---- C:\WINDOWS\Tasks 2010-07-14 12:55:41 ----D---- C:\WINDOWS\system32\CatRoot2 2010-07-14 12:54:45 ----A---- C:\WINDOWS\system32\PROCDB.INI 2010-07-14 12:54:36 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VMware 2010-07-14 12:53:38 ----AD---- C:\WINDOWS\system32 2010-07-14 12:53:38 ----A---- C:\WINDOWS\system32\IPSCtrl.INI 2010-07-14 12:53:03 ----SHD---- C:\System Volume Information 2010-07-14 12:51:51 ----SHD---- C:\Config.Msi 2010-07-14 12:51:48 ----SHD---- C:\WINDOWS\Installer 2010-07-14 12:51:41 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-07-14 12:51:41 ----D---- C:\WINDOWS\system32\drivers 2010-07-14 11:52:36 ----D---- C:\SWSHARE 2010-07-14 11:51:33 ----AD---- C:\WINDOWS 2010-07-14 11:44:45 ----D---- C:\WINDOWS\Debug 2010-07-14 10:38:26 ----HD---- C:\WINDOWS\system32\GroupPolicy 2010-07-14 10:05:31 ----HD---- C:\WINDOWS\inf 2010-07-14 04:25:57 ----ASHD---- C:\WINDOWS\system32\dllcache 2010-07-14 04:25:45 ----HD---- C:\WINDOWS\$hf_mig$ 2010-07-14 04:25:21 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared 2010-07-14 03:07:25 ----D---- C:\WINDOWS\Prefetch 2010-07-12 23:19:44 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft 2010-07-12 18:18:03 ----D---- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard 2010-07-12 17:37:34 ----D---- C:\WINDOWS\system32\drivers\etc 2010-07-12 17:18:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-07-12 12:46:09 ----D---- C:\WINDOWS\WinSxS 2010-07-10 03:48:37 ----D---- C:\WINDOWS\SxsCaPendDel 2010-07-10 03:40:50 ----D---- C:\Dokumente und Einstellungen\xy\Anwendungsdaten\uTorrent 2010-07-09 23:53:44 ----ASH---- C:\boot.ini 2010-07-09 23:53:44 ----A---- C:\WINDOWS\win.ini 2010-07-09 23:53:44 ----A---- C:\WINDOWS\system.ini 2010-07-07 12:46:42 ----D---- C:\Programme\Gemeinsame Dateien 2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe 2010-07-02 09:32:28 ----D---- C:\daten 2010-06-25 14:09:53 ----D---- C:\WINDOWS\Microsoft.NET 2010-06-25 14:09:45 ----RSD---- C:\WINDOWS\assembly 2010-06-19 15:32:46 ----D---- C:\WINDOWS\system32\wbem 2010-06-18 19:38:47 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PCDr 2010-06-18 19:16:31 ----D---- C:\WINDOWS\Media 2010-06-18 19:03:04 ----D---- C:\WINDOWS\system32\drivers\NIS 2010-06-18 14:12:37 ----D---- C:\Programme\Symantec 2010-06-18 14:11:19 ----D---- C:\down 2010-06-18 13:48:22 ----A---- C:\WINDOWS\vbaddin.ini 2010-06-18 13:37:27 ----D---- C:\WINDOWS\system32\de-de 2010-06-18 13:37:27 ----D---- C:\Programme\Internet Explorer 2010-06-18 13:30:30 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Symantec ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 DozeHDD;DozeHDD; C:\WINDOWS\System32\DRIVERS\DozeHDD.sys [2010-05-12 24304] R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2006-03-01 89472] R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2009-08-07 330264] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648] R0 Shockprf;Shockprf; C:\WINDOWS\System32\DRIVERS\Apsx86.sys [2009-10-09 120360] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-03-27 717296] R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMDS.SYS [2009-08-30 328752] R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMEFA.SYS [2010-04-22 173104] R0 TPDIGIMN;TPDIGIMN; C:\WINDOWS\System32\DRIVERS\ApsHM86.sys [2009-10-09 20520] R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2005-09-28 11520] R1 BHDrvx86;BHDrvx86; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100709.001\BHDrvx86.sys [] R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NIS\1107000.00C\ccHPx86.sys [2010-02-26 501888] R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-11-18 5660] R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-11-18 22684] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys [] R1 IBMTPCHK;IBMTPCHK; \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys [] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\system32\DRIVERS\smiif32.sys [2008-05-12 13480] R1 Smapint;Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [2006-10-02 14848] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1107000.00C\SRTSPX.SYS [2010-04-22 43696] R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1107000.00C\Ironx86.SYS [2010-04-29 116784] R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SYMTDI.SYS [2010-05-06 361904] R1 TDSMAPI;TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2006-10-02 9343] R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys [2008-05-12 17844] R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [2010-05-12 4442] R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2010-03-26 4608] R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032] R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys [] R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [] R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-02-02 25628] R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-02-02 2496] R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-02-02 86652] R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-02-02 14684] R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-02-02 6364] R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-02-02 87036] R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-02-02 94332] R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-11-18 40544] R2 EGATHDRV;IBM eGatherer; \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS [] R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys [] R2 irda;IrDA-Protokoll; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672] R2 pmem;pmem; \??\C:\WINDOWS\System32\drivers\pmemnt.sys [] R2 PrivateDisk;PrivateDisk; \??\C:\Programme\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys [] R2 PROCDD;IPS-Helper-Treiber; C:\WINDOWS\system32\DRIVERS\PROCDD.SYS [2006-11-06 12080] R2 s24trans;WLAN-Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2009-08-10 13952] R2 smi2;smi2; \??\C:\Programme\SMI2\smi2.sys [] R2 smihlp2;SMI Helper Driver (smihlp2); \??\C:\Programme\ThinkVantage Fingerprint Software\smihlp.sys [] R2 tvtfilter;tvtfilter; \??\C:\WINDOWS\system32\drivers\tvtfilter.sys [] R2 vmci;VMware vmci; \??\C:\WINDOWS\system32\Drivers\vmci.sys [] R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2009-03-26 31280] R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys [] R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys [] R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Programme\VMware\VMware Workstation\vstor2-ws60.sys [] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-20 178688] R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-29 3565056] R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872] R3 btaudio;Bluetooth-Audiogerät; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-31 328285] R3 BTKRNL;Bluetooth-Bus-Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-31 851434] R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-03-29 125328] R3 Dot4;MS IEEE-1284.4-Treiber; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976] R3 Dot4Print;Druckerklassentreiber für IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928] R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-18 23936] R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2009-06-18 234496] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2009-11-18 26608] R3 IDSxpx86;IDSxpx86; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100713.001\IDSxpx86.sys [] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288] R3 NAVENG;NAVENG; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100713.040\NAVENG.SYS [] R3 NAVEX15;NAVEX15; \??\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100713.040\NAVEX15.SYS [] R3 NETw5x32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows XP 32-Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2010-01-13 6598656] R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2009-06-11 30144] R3 Rasirda;WAN-Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SRTSP.SYS [2010-04-22 325680] R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-12-03 230832] R3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS\system32\DRIVERS\tap0801.sys [2006-10-01 26624] R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2008-12-09 50832] R3 TVTPktFilter;TVT Packet Filter Service; C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys [2006-07-14 17664] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 vmkbd2;VMware kbd2; \??\C:\WINDOWS\system32\drivers\VMkbd.sys [] R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2009-03-26 16560] R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2005-09-12 15264] R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136] S3 actser;actser; C:\WINDOWS\system32\drivers\actser.sys [2005-09-12 29440] S3 an85arju;an85arju; C:\WINDOWS\system32\drivers\an85arju.sys [] S3 BTDriver;Virtueller Bluetooth-Kommunikationstreiber; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-31 30427] S3 BTWDNDIS;Bluetooth-LAN-Zugangsserver; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-31 148996] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-31 67384] S3 CSVirtA;Cisco Systems SSL VPN Adapter; C:\WINDOWS\system32\DRIVERS\CSVirtA.sys [] S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275] S3 DrmRDriverV32;DrmRDriverV32; C:\WINDOWS\system32\drivers\DrmRDriverV32.sys [2007-12-24 515200] S3 DrmRVideo32;DrmRVideo32; C:\WINDOWS\system32\DRIVERS\DrmRVideo32.sys [2007-12-24 3768] S3 E100B;Intel(R) PRO-Adaptertreiber; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-18 117760] S3 G400;G400; C:\WINDOWS\system32\DRIVERS\G400m.sys [2001-08-18 322432] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2009-08-26 49920] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2009-08-26 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-08-26 21568] S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-11-01 989696] S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-11-01 211456] S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\hsxhwazl.sys [2005-12-06 192512] S3 NETw3x32;Intel(R) PRO/Wireless 3945ABG Adaptertreiber für Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-09-27 1709696] S3 NETw4x32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-11-27 2236544] S3 NSCIRDA;NSC-Infrarotgerätetreiber; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672] S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408] S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys [] S3 PCDSRVC{5DFA639C-CA071B29-06000000}_0;PCDSRVC{5DFA639C-CA071B29-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\programme\pc-doctor\pcdsrvc.pkms [] S3 susbser;BenQ Siemens USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\susbser.sys [2006-08-17 91136] S3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2008-02-20 27936] S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys [] S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2005-09-12 47744] S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-11-01 731520] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S4 agp440;Intel AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368] S4 agpCPQ;Compaq AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928] S4 alim1541;ALI AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752] S4 amdagp;AMD AGP-Bus-Filtertreiber; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008] S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952] S4 sisagp;SIS AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960] S4 viaagp;VIA AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2010-03-01 103784] R2 AcSvc;Access Connections Main Service; C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe [2010-03-01 243048] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-09-29 602112] R2 btwdins;Bluetooth Service; C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe [2006-05-31 266295] R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Programme\Cisco Systems\VPN Client\cvpnd.exe [2008-08-29 1528608] R2 DBService;DATA BECKER Update Service; C:\Programme\Gemeinsame Dateien\DATA BECKER Shared\DBService.exe [2009-01-18 187456] R2 Diskeeper;Diskeeper; C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe [2006-05-23 622700] R2 DozeSvc;Lenovo Doze Mode Service; C:\Programme\ThinkPad\Utilities\DOZESVC.EXE [2010-05-12 132456] R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Programme\Intel\WiFi\bin\EvtEng.exe [2010-01-19 858384] R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2009-11-18 38248] R2 IPSSVC;IPS-Basisservice; C:\WINDOWS\system32\IPSSVC.EXE [2007-01-30 108080] R2 Irmon;Infrarotüberwachung; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-10-11 153376] R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 NIS;Norton Internet Security; C:\Programme\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe [2010-02-26 126392] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-03-01 70968] R2 Power Manager DBC Service;Power Manager DBC Service; C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe [2010-05-12 53248] R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe [2010-01-19 473360] R2 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Programme\Intel\WiFi\bin\S24EvMon.exe [2010-01-19 954368] R2 SUService;System Update; c:\programme\lenovo\system update\suservice.exe [2009-02-06 28672] R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408] R2 TPHKSVC;Anzeige am Bildschirm; C:\Programme\LENOVO\HOTKEY\TPHKSVC.exe [2010-01-18 63928] R2 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2005-06-06 32768] R2 TSSCoreService;TSS Core Service; C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe [2006-07-14 723712] R2 TVT Backup Service;TVT Backup Service; C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe [2006-07-14 1974272] R2 TVT Scheduler;TVT Scheduler; C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304] R2 tvtnetwk;tvtnetwk; C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe [2006-07-14 45056] R2 VMAuthdService;VMware Authorization Service; C:\Programme\VMware\VMware Workstation\vmware-authd.exe [2009-03-26 113200] R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2009-03-26 326192] R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2009-03-26 399920] R2 WinDefend;Windows Defender; C:\Programme\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576] R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 gupdate;Google Update Service (gupdate); C:\Programme\Google\Update\GoogleUpdate.exe [2009-10-12 133104] S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Programme\LENOVO\HOTKEY\MICMUTE.exe [2009-11-17 44984] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 OpenVPNService;OpenVPN Service; C:\Programme\OpenVPN\bin\openvpnserv.exe [2006-10-01 16384] S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe [] S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.exe [2009-10-09 39976] S3 ufad-ws60;VMware Agent Service; C:\Programme\VMware\VMware Workstation\vmware-ufad.exe [2008-12-01 191024] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- |
| Themen zu Internet Explorer läuft im Hintergrung und zeigt pop-ups (IQ-Test, Online Poker, ...) |
| .com, 32-bit, acroiehelper.dll, ad-aware, becker, bho, browser, components, converter, curse, device driver, document, down, eraser, exe.exe, festplatte, flash player, fontcache, gerätetreiber, hotfix.exe, iastor.sys, install.exe, installation, internet, internet explorer, intrusion prevention, jusched.exe, lenovo, logfile, m.exe, monkey island, msiexec.exe, notification, popup, proxy, registry, remote software, security, security update, service pack 1, software, sptd.sys, svchost.exe, system, thinkvantage registry monitor service, updates, usb, vista, vlc media player, werbung, windows, windows internet, windows internet explorer, windows xp, windows-sicherheitscenterdienst |
Baum-Darstellung