| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Viele Bluescreens, dann SchlachtmusikWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
03.08.2010, 13:31
| #1 |
| |  Viele Bluescreens, dann Schlachtmusik Hallo! Ich hab dieses Problem jetzt schon öfter hier gelesen, und auch schon vieles ausprobiert, was in den anderen Threads vorgeschlagen wurde, allerdings hat bis jetzt nichts geholfen. Vor einigen Tagen ist mein Laptop immer wieder direkt nach dem Hochfahren abgestürzt. Bluescreen mit der Meldung IRQL NOT LESS OR EQUAL. Im Endeffekt konnte ich das umgehen, indem ich jetzt das WLAN statt dem Netzwerkkabel benutze. Als das dann funktioniert hat, kam aber das Schlachtmusik-Problem, das in diesem Forum mehrere haben. Hier mal mein HiJackLog Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:48:51, on 03.08.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Windows\System32\rundll32.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Program Files\Apoint\Apoint.exe C:\Windows\System32\rundll32.exe C:\Program Files\Media\iTunes\iTunesHelper.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\AutoHotkey\AutoHotkey.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\DllHost.exe c:\Users\***\Downloads\HiJackThis204.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Asz.Citavi.IEPicker.IEPickerButton - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\system32\mscoree.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Media\Quicktime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\Media\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Startup: ac'tivAid.lnk = C:\Program Files\ac'tivAid\ac'tivAid.ahk O4 - Global Startup: VPN Client.lnk = ? O8 - Extra context menu item: &Citavi Picker... - file://C:\Program Files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Citavi Picker - {619D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\system32\mscoree.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file:///F:/components/hidinputmonitorx.ocx O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file:///F:/components/A9.ocx O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} (WMVHDRatingCtrl Class) - file:///F:/components/wmvhdrating.ocx O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = aa.swh.mhn.de O17 - HKLM\Software\..\Telephony: DomainName = aa.swh.mhn.de O17 - HKLM\System\CCS\Services\Tcpip\..\{36094DB0-41AF-4EBD-AE32-8E295AF1A0FD}: Domain = uni-muenchen.de O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = aa.swh.mhn.de O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = aa.swh.mhn.de O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12176 bytes CCleaner auch schon ausgeführt. Außerdem SUPERAntiSpyware und Malwarebytes. Die beiden haben ich vorgestern einen vollen Scan machen lassen, da hat er viele Sachen gefunden und gelöscht. Problem war aber nicht behoben. Dann RSIT durchlaufen lassen, hier RSIT info: [QUOTE]info.txtRSIT Logfile: Code:
ATTFilter logfile of random's system information tool 1.08 2010-08-03 13:24:52
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec.exe /I{0394CDC8-FABD-4ED8-B104-03393876DFDF}
-->MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87}
-->MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
-->MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}
-->MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82}
-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
ac'tivAid v1.3.1-->C:\Program Files\AutoHotkey\AutoHotkey.exe "C:\Program Files\ac'tivAid\ac'tivAid.ahk" uninstall
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Premiere Elements 4.0 Templates-->msiexec /I {F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}
Adobe Premiere Elements 4.0 Templates-->MsiExec.exe /I{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}
Adobe Premiere Elements 4.0-->msiexec /I {3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}
Adobe Premiere Elements 4.0-->MsiExec.exe /I{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}
Adobe Reader 8.1.4 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81300000003}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Alps Pointing-device for VAIO-->C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
AnyDVD-->"C:\Program Files\Media\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\Media\AnyDVD"
Apple Application Support-->MsiExec.exe /I{B2D328BE-45AD-4D92-96F9-2151490A203E}
Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Magic-i Visual Effects Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}\Setup.exe" -l0x7
Atlantis - Sky Patrol (remove only)-->C:\Big Fish Games\Atlantis - Sky Patrol\Uninstall.exe
Attribute Changer 6.10b-->C:\Program Files\Tools\Attribute Changer\uninstall.exe
Audacity 1.3.5 (Unicode)-->"C:\Program Files\Media\Audacity 1.3 Beta (Unicode)\unins000.exe"
AutoHotkey 1.0.47.06-->C:\Program Files\AutoHotkey\uninst.exe
Avanquest update-->"C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x0007 -removeonly
AVI Splitter-->"C:\Program Files\Tools\avisplit\unins000.exe"
Avid Codecs LE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE64A793-CD35-4950-B878-C9D1A4AC9ECC}\SETUP.exe" -l0x9 -removeonly
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC37A846-53AC-4DA7-98FA-76A4E74AA900}\setup.exe" -l0x7 -removeonly
Big Fish Games Center-->C:\Big Fish Games\Uninstall.exe
Big Fish Games Sudoku (remove only)-->C:\Big Fish Games\sudoku\Uninstall.exe
Black & White® 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}\setup.exe" -l0x7 -removeonly
Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}
Broken Sword 2.5-->"H:\Spiele\Broken Sword 2.5\unins000.exe"
Brother MFL-Pro Suite MFC-490CW-->"C:\Program Files\InstallShield Installation Information\{D9461574-5FC0-4641-BBDC-D1038B196F55}\Setup.exe" -runfromtemp -l0x0007 UNINSTALL Reg=BH9_C2 -removeonly
Browser Address Error Redirector-->regsvr32 /u /s "C:\PROGRA~1\GOOGLE~1\BAE.dll"
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Utilities CameraWindow-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
Canon Utilities Digital Photo Professional 3.3-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\Digital Photo Professional\Uninst.ini"
Canon Utilities EOS Utility-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities MyCamera-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini"
Canon Utilities Original Data Security Tools-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\Original Data Security Tools\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities Picture Style Editor-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\Picture Style Editor\Uninst.ini"
Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini"
CCleaner-->"C:\Program Files\Tools\CCleaner\uninst.exe"
Cisco Systems VPN Client 5.0.03.0530-->MsiExec.exe /X{4C271126-C295-4828-A901-5910AE0C258B}
Citavi 2.5-->C:\Program Files\Tools\Citavi\Deinstallieren.exe
Click to Disc Editor-->C:\Program Files\InstallShield Installation Information\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}\setup.exe -runfromtemp -l0x0407
Click to Disc-->C:\Program Files\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x0007 -removeonly
CloneDVD2-->"C:\Program Files\Media\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Media\CloneDVD2"
Commandos 3 - Destination Berlin-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C270BC04-1540-4673-960F-A546B2C860CD}\SETUP.EXE"
COWON D2 User's Guide-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5347403-63C2-4B7A-AF63-AB3FE4F907B7}\Setup.exe" -l0x9
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DSD Direct Player-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}\setup.exe" -l0x7 -removeonly
DSD Direct-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}\setup.exe" -l0x7 -removeonly
DSD Playback Plug-in-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{009E7FB7-1775-4D89-8956-F5C9A1C019FC}\setup.exe" -l0x7 -removeonly
Duden Korrektor-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{91BF142C-E8C0-4279-A98D-A61A4404CF56}
Duplicate File Finder 1.1.0.3-->"C:\Program Files\Tools\Duplicate File Finder\unins000.exe"
DVD Shrink 3.2-->"C:\Program Files\Tools\DVD Shrink\unins000.exe"
eMule-->"C:\Program Files\Media\eMule\Uninstall.exe"
FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
Free DVD Video Burner version 2.1-->"C:\Program Files\DVDVideoSoft\Free DVD Video Burner\unins000.exe"
Free Video to DVD Converter version 1.2-->"C:\Program Files\Tools\Free Video to DVD Converter\unins000.exe"
Garmin USB Drivers-->MsiExec.exe /X{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
Google Talk (remove only)-->"C:\Program Files\Google\Google Talk\uninstall.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GTA2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}\Setup.exe" -l0x9
HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\UIU32m.exe -U -ISnSZIRXz.inf
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
IDT Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07D8511D-C9FE-4A93-933F-EAA5C8F20095}\setup.exe" -l0x7 -remove -removeonly
Instant Mode-->C:\Program Files\InstallShield Installation Information\{E6707034-D7A4-49B1-94D0-F5AACE46F06C}\setup.exe -runfromtemp -l0x0009 -removeonly
iTunes-->MsiExec.exe /I{7AB3A249-FB81-416B-917A-A2A10E74C503}
Jasc Paint Shop Pro 9-->MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Mahjong Towers Eternity EU (remove only)-->C:\Big Fish Games\Mahjong Towers Eternity EU\Uninstall.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Tools\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme-->MsiExec.exe /X{90120000-00B2-0407-0000-0000000FF1CE}
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile DEU Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1031 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile DEU Language Pack-->MsiExec.exe /X{F750C986-5310-3A5A-95F8-4EC71C8AC01C}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works-->MsiExec.exe /I{4EA2F95F-A537-4D17-9E7F-6B3FF8D9BBE3}
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (3.0.4)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Mystery Case Files - Prime Suspects (remove only)-->C:\Big Fish Games\Mystery Case Files - Prime Suspects\Uninstall.exe
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Office-Bibliothek-->MsiExec.exe /I{5C81B189-5456-40C4-9313-7FE6FA6DD64C}
OpenMG Limited Patch 4.7-07-15-19-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-15-19-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
PaperPort Image Printer-->MsiExec.exe /X{2BC2781A-F7F6-452E-95EB-018A522F1B2C}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
Roxio Activation Module-->MsiExec.exe /I{07159635-9DFE-4105-BFC0-2817DB540C68}
Roxio Easy Media Creator Home-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
ScanSoft PaperPort 11-->MsiExec.exe /I{7A8FF745-BBC5-482B-88E4-18D3178249A9}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB982135)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0112C750-A06F-4F92-9C40-E5C1EA9A70EB}
Setting Utility Series-->"C:\Program Files\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -runfromtemp -l0x0007 -removeonly
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SonicStage Mastering Studio Audio Filter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}\setup.exe" -l0x7 -removeonly
SonicStage Mastering Studio Plugins-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}\setup.exe" -l0x7 -removeonly
SonicStage Mastering Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6332AFF1-9D9A-429C-AA03-F82749FA4F49}\setup.exe" -l0x7 -removeonly
Sony Ericsson MD300 Wireless Modem-->MsiExec.exe /I{EF4E0DA6-02E0-47BF-9BB6-DC0E83CC6F4C}
Sony Ericsson PC Suite 4.010.00-->C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\setup.exe -runfromtemp -l0x0007 -removeonly
Sony Ericsson Wireless Manager 5-->MsiExec.exe /I{37964A88-DAA1-488B-AE88-A5B6DDC6E9A6}
Sony Video Shared Library-->C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe -runfromtemp -l0x0007 -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
TreeSize Free V2.3.1-->"C:\Program Files\Tools\TreeSize Free\unins000.exe"
TweetDeck-->MsiExec.exe /X{362F8AC6-4EA5-C5AC-ED7E-1F49F0EE20D5}
twhirl-->msiexec /qb /x {B73BEEBE-3D94-2634-B5D1-28B8269489FF}
twhirl-->MsiExec.exe /I{B73BEEBE-3D94-2634-B5D1-28B8269489FF}
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
VAIO Camera Capture Utility-->"C:\Program Files\InstallShield Installation Information\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}\setup.exe" -runfromtemp -l0x0007 -removeonly
VAIO Content Folder Setting-->"C:\Program Files\InstallShield Installation Information\{23825B69-36DF-4DAD-9CFD-118D11D80F16}\setup.exe" -runfromtemp -l0x0007 -removeonly
VAIO Content Metadata Intelligent Analyzing Manager-->C:\Program Files\InstallShield Installation Information\{ABF29EC7-47C1-4C63-8FE7-3824FD66F357}\setup.exe -runfromtemp -l0x0007 -removeonly
VAIO Content Metadata Manager Setting-->C:\Program Files\InstallShield Installation Information\{69351E9E-23ED-41D5-B146-EDBF83C63B66}\setup.exe -runfromtemp -l0x0007 -removeonly
VAIO Content Metadata XML Interface Library-->C:\Program Files\InstallShield Installation Information\{B5E2DF30-1061-4DB4-AF28-08996C8E5680}\setup.exe -runfromtemp -l0x0007 -removeonly
VAIO Control Center-->"C:\Program Files\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -runfromtemp -l0x0007 -removeonly
VAIO Data Restore Tool-->C:\Program Files\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x0007 -removeonly
VAIO DVD Menu Data Basic-->C:\Program Files\InstallShield Installation Information\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}\setup.exe -runfromtemp -l0x0007 -removeonly
VAIO Entertainment Platform-->C:\Program Files\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe -runfromtemp -l0x0007 -removeonly
VAIO Event Service-->"C:\Program Files\InstallShield Installation Information\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}\setup.exe" -runfromtemp -l0x0007 -removeonly
VAIO Launcher-->"C:\Program Files\InstallShield Installation Information\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}\setup.exe" -runfromtemp -l0x0007 -removeonly
Vaio Marketing Tools-->C:\Program Files\Sony\Marketing Tools\Uninstaller.exe /bootstrap
VAIO Media 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}\setup.exe" -l0x7 UNINSTALL -removeonly
VAIO Media AC3 Decoder 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}\Setup.exe" -l0x7 UNINSTALL
VAIO Media Content Collection 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{500162A0-4DD5-460A-BAFD-895AAE48C532}\setup.exe" -l0x7 UNINSTALL -removeonly
VAIO Media Integrated Server 6.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{785EB1D4-ECEC-4195-99B4-73C47E187721}\setup.exe" -l0x7 UNINSTALL -removeonly
VAIO Media Redistribution 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}\setup.exe" -l0x7 UNINSTALL -removeonly
VAIO Media Registration Tool 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}\setup.exe" -l0x7 UNINSTALL -removeonly
VAIO Movie Story Template Data-->C:\Program Files\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe -runfromtemp -l0x0007 -removeonly
VAIO Movie Story-->C:\Program Files\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe -runfromtemp -l0x0007 -removeonly
VAIO MusicBox Sample Music-->"C:\Program Files\InstallShield Installation Information\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}\setup.exe" -runfromtemp -l0x0007 -removeonly
VAIO MusicBox-->"C:\Program Files\InstallShield Installation Information\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}\setup.exe" -runfromtemp -l0x0007 -removeonly
VAIO Original Function Setting-->"C:\Program Files\InstallShield Installation Information\{A63E7492-A0BC-4BB9-89A7-352965222380}\setup.exe" -runfromtemp -l0x0007 -removeonly
VAIO Power Management-->"C:\Program Files\InstallShield Installation Information\{802889F8-6AF5-45A5-9764-CA5B999E50FC}\setup.exe" -runfromtemp -l0x0007 -removeonly
VAIO Update 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48820099-ED7D-424B-890C-9A82EF00656D}\setup.exe" -l0x7 -removeonly
VAIO Wallpaper Contents-->"C:\Program Files\InstallShield Installation Information\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}\setup.exe" -runfromtemp -l0x0007 -removeonly
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Virtual Villagers (remove only)-->C:\Big Fish Games\Virtual Villagers\Uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 1.0.1-->C:\Program Files\Media\VLC\uninstall.exe
Vuze-->C:\Program Files\Media\Azureus\uninstall.exe
WIDCOMM Bluetooth Software 6.1.0.2000-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)-->rundll32.exe C:\PROGRA~1\DIFX\15B7F172FC21855D\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\grmnusb.inf_0efc767c\grmnusb.inf
Windows Live Messenger-->MsiExec.exe /I{279DB581-239C-4E13-97F8-0F48E40BE75C}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinDVD BD for VAIO-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x0407
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinX Video Converter 4.4.5-->"C:\Program Files\Tools\WinX_Video_Converter\unins000.exe"
Wireless Switch Setting Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\setup.exe" -l0x7 -removeonly
======Security center information======
AS: Avira AntiVir PersonalEdition
AS: Spybot - Search and Destroy (disabled) (outdated)
AS: Windows-Defender (disabled)
======System event log======
Computer Name: ***
Event Code: 33
Message: Die älteste Schattenkopie von Volume "C:" wurde gelöscht, um den Datenträger-Speicherplatz für Schattenkopien auf Volume "C:" unterhalb des benutzerdfinierten Limits zu belassen.
Record Number: 234879
Source Name: volsnap
Time Written: 20100205230554.714000-000
Event Type: Informationen
User:
Computer Name: ***
Event Code: 7036
Message: Dienst "Volumeschattenkopie" befindet sich jetzt im Status "Beendet".
Record Number: 234878
Source Name: Service Control Manager
Time Written: 20100205230341.000000-000
Event Type: Informationen
User:
Computer Name: ***
Event Code: 7036
Message: Dienst "Microsoft-Softwareschattenkopie-Anbieter" befindet sich jetzt im Status "Ausgeführt".
Record Number: 234877
Source Name: Service Control Manager
Time Written: 20100205230001.000000-000
Event Type: Informationen
User:
Computer Name: ***
Event Code: 7036
Message: Dienst "Volumeschattenkopie" befindet sich jetzt im Status "Ausgeführt".
Record Number: 234876
Source Name: Service Control Manager
Time Written: 20100205230001.000000-000
Event Type: Informationen
User:
Computer Name: ***
Event Code: 7036
Message: Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" befindet sich jetzt im Status "Beendet".
Record Number: 234875
Source Name: Service Control Manager
Time Written: 20100205222655.000000-000
Event Type: Informationen
User:
=====Application event log=====
Computer Name: ***
Event Code: 0
Message:
Record Number: 5100
Source Name: VAIO Event Service
Time Written: 20080529070250.000000-000
Event Type: Informationen
User:
Computer Name: ***
Event Code: 7
Message: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019)
Record Number: 5099
Source Name: VzCdbSvc
Time Written: 20080529070250.000000-000
Event Type: Fehler
User:
Computer Name: ***
Event Code: 5615
Message: Der Windows-Verwaltungsinstrumentationsdienst wurde erfolgreich gestartet.
Record Number: 5098
Source Name: Microsoft-Windows-WMI
Time Written: 20080529070249.000000-000
Event Type: Informationen
User:
Computer Name: ***
Event Code: 0
Message:
Record Number: 5097
Source Name: IviRegMgr
Time Written: 20080529070247.000000-000
Event Type: Informationen
User:
Computer Name: ***
Event Code: 4096
Message: Der AntiVir Dienst wurde erfolgreich gestartet!
Record Number: 5096
Source Name: Avira AntiVir
Time Written: 20080529070246.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
=====Security event log=====
Computer Name: ***
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: ***
Kontodomäne: ***
Anmelde-ID: 0x3e7
Anmeldetyp: 5
Neue Anmeldung:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Prozessinformationen:
Prozess-ID: 0x2a4
Prozessname: C:\Windows\System32\services.exe
Netzwerkinformationen:
Arbeitsstationsname:
Quellnetzwerkadresse: -
Quellport: -
Detaillierte Authentifizierungsinformationen:
Anmeldeprozess: Advapi
Authentifizierungspaket: Negotiate
Übertragene Dienste: -
Paketname (nur NTLM): -
Schlüssellänge: 0
Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
- Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 43926
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090620085415.820555-000
Event Type: Überwachung erfolgreich
User:
Computer Name: ***
Event Code: 4648
Message: Anmeldeversuch mit expliziten Anmeldeinformationen.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: ***
Kontodomäne: ***
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Konto, dessen Anmeldeinformationen verwendet wurden:
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Zielserver:
Zielservername: localhost
Weitere Informationen: localhost
Prozessinformationen:
Prozess-ID: 0x2a4
Prozessname: C:\Windows\System32\services.exe
Netzwerkinformationen:
Netzwerkadresse: -
Port: -
Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden. Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird.
Record Number: 43925
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090620085415.820555-000
Event Type: Überwachung erfolgreich
User:
Computer Name: ***
Event Code: 4672
Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Berechtigungen: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 43924
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090620085415.773755-000
Event Type: Überwachung erfolgreich
User:
Computer Name: ***
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: ***
Kontodomäne: ***
Anmelde-ID: 0x3e7
Anmeldetyp: 5
Neue Anmeldung:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Prozessinformationen:
Prozess-ID: 0x2a4
Prozessname: C:\Windows\System32\services.exe
Netzwerkinformationen:
Arbeitsstationsname:
Quellnetzwerkadresse: -
Quellport: -
Detaillierte Authentifizierungsinformationen:
Anmeldeprozess: Advapi
Authentifizierungspaket: Negotiate
Übertragene Dienste: -
Paketname (nur NTLM): -
Schlüssellänge: 0
Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
- Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 43923
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090620085415.773755-000
Event Type: Überwachung erfolgreich
User:
Computer Name: ***
Event Code: 4648
Message: Anmeldeversuch mit expliziten Anmeldeinformationen.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: ***
Kontodomäne: ***
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Konto, dessen Anmeldeinformationen verwendet wurden:
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Zielserver:
Zielservername: localhost
Weitere Informationen: localhost
Prozessinformationen:
Prozess-ID: 0x2a4
Prozessname: C:\Windows\System32\services.exe
Netzwerkinformationen:
Netzwerkadresse: -
Port: -
Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden. Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird.
Record Number: 43922
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090620085415.773755-000
Event Type: Überwachung erfolgreich
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Media\Quicktime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"asl.log"=Destination=file;OnFirstLog=command,environment
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
und hier RSIT log: RSIT Logfile: Code:
ATTFilter Logfile of random's system information tool 1.08 (written by random/random) Run by *** at 2010-08-03 13:24:46 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 20 GB (11%) free of 180 GB Total RAM: 2046 MB (54% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:24:50, on 03.08.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Windows\System32\rundll32.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Windows\System32\rundll32.exe C:\Program Files\Media\iTunes\iTunesHelper.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\mobsync.exe C:\Users\***\Desktop\RSIT.exe C:\Program Files\trend micro\***.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Asz.Citavi.IEPicker.IEPickerButton - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\system32\mscoree.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Media\Quicktime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\Media\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Startup: ac'tivAid.lnk = C:\Program Files\ac'tivAid\ac'tivAid.ahk O4 - Global Startup: VPN Client.lnk = ? O8 - Extra context menu item: &Citavi Picker... - file://C:\Program Files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Citavi Picker - {619D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\system32\mscoree.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file:///F:/components/hidinputmonitorx.ocx O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file:///F:/components/A9.ocx O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} (WMVHDRatingCtrl Class) - file:///F:/components/wmvhdrating.ocx O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = aa.swh.mhn.de O17 - HKLM\Software\..\Telephony: DomainName = aa.swh.mhn.de O17 - HKLM\System\CCS\Services\Tcpip\..\{36094DB0-41AF-4EBD-AE32-8E295AF1A0FD}: Domain = uni-muenchen.de O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = aa.swh.mhn.de O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12059 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Ad-Aware Update (Weekly).job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{D7D98F91-450C-49D3-BB4B-0438F4214718}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{609D670F-B735-4da7-AC6D-F3BD358E325E}] Asz.Citavi.IEPicker.IEPickerButton - C:\Windows\system32\mscoree.dll [2009-11-08 297808] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}] CBrowserHelperObject Object - C:\PROGRA~1\GOOGLE~1\BAE.dll [2006-06-23 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] "QuickTime Task"=C:\Program Files\Media\Quicktime\QTTask.exe [2010-03-17 421888] "PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992] "PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-10-11 29984] "NvSvc"=C:\Windows\system32\nvsvc.dll [2007-10-30 86016] "BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2008-05-29 1085440] "Apoint"=C:\Program Files\Apoint\Apoint.exe [2007-06-10 118784] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-10-30 81920] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-10-30 8429568] "iTunesHelper"=C:\Program Files\Media\iTunes\iTunesHelper.exe [2010-06-15 141624] "ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-09-19 311296] "IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-10-11 46368] "ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-12-21 86016] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] ""= [] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup VPN Client.lnk - C:\Windows\Installer\{4C271126-C295-4828-A901-5910AE0C258B}\Icon3E5562ED7.ico C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ac'tivAid.lnk - C:\Program Files\ac'tivAid\ac'tivAid.ahk [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon] C:\Windows\system32\VESWinlogon.dll [2007-08-14 98304] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=4 "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======List of files/folders created in the last 1 months====== 2010-08-03 13:24:46 ----D---- C:\rsit 2010-08-03 13:24:46 ----D---- C:\Program Files\trend micro 2010-08-03 13:03:24 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys 2010-08-03 13:03:22 ----A---- C:\Windows\system32\drivers\mbam.sys 2010-08-03 10:44:58 ----A---- C:\Windows\system32\shell32.dll 2010-08-02 19:16:58 ----D---- C:\Windows\ERDNT 2010-08-02 18:50:56 ----D---- C:\Program Files\7-Zip 2010-08-02 18:29:25 ----A---- C:\Windows\system32\bootkit_remover_debug_log.txt 2010-08-01 13:12:37 ----D---- C:\Users\***\AppData\Roaming\SUPERAntiSpyware.com 2010-08-01 13:12:37 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2010-08-01 13:08:28 ----D---- C:\Users\***\AppData\Roaming\Malwarebytes 2010-08-01 13:08:18 ----D---- C:\ProgramData\Malwarebytes 2010-08-01 13:03:58 ----A---- C:\Windows\system32\remover.exe 2010-07-31 11:52:22 ----ASH---- C:\hiberfil.sys 2010-07-31 11:10:58 ----D---- C:\Users\***\AppData\Roaming\Avira 2010-07-31 11:10:27 ----D---- C:\ProgramData\Avira 2010-07-31 11:10:27 ----D---- C:\Program Files\Avira 2010-07-31 11:10:27 ----A---- C:\Windows\system32\drivers\avipbb.sys 2010-07-31 11:10:27 ----A---- C:\Windows\system32\drivers\avgntmgr.sys 2010-07-31 11:10:27 ----A---- C:\Windows\system32\drivers\avgntflt.sys 2010-07-31 11:10:27 ----A---- C:\Windows\system32\drivers\avgntdd.sys 2010-07-31 07:43:28 ----D---- C:\Windows\pss ======List of files/folders modified in the last 1 months====== 2010-08-03 13:24:50 ----D---- C:\Windows\Prefetch 2010-08-03 13:24:46 ----RD---- C:\Program Files 2010-08-03 13:23:40 ----D---- C:\Program Files\ac'tivAid 2010-08-03 13:23:04 ----D---- C:\Windows\Temp 2010-08-03 13:17:05 ----RSD---- C:\Windows\Media 2010-08-03 13:17:05 ----D---- C:\Windows\system32\drivers 2010-08-03 13:10:01 ----D---- C:\Windows 2010-08-03 13:03:22 ----D---- C:\Program Files\Tools 2010-08-03 12:55:40 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-08-03 12:55:35 ----D---- C:\Windows\Minidump 2010-08-03 12:55:35 ----D---- C:\Windows\Debug 2010-08-03 12:50:14 ----D---- C:\Windows\System32 2010-08-03 12:50:14 ----D---- C:\Windows\inf 2010-08-03 12:50:14 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-08-03 12:41:27 ----D---- C:\Windows\system32\Samsung_USB_Drivers 2010-08-03 12:38:07 ----D---- C:\Windows\winsxs 2010-08-03 12:37:23 ----SHD---- C:\System Volume Information 2010-08-03 12:34:18 ----HD---- C:\Program Files\InstallShield Installation Information 2010-08-03 12:33:57 ----D---- C:\Windows\system32\catroot2 2010-08-03 12:33:57 ----D---- C:\Windows\system32\catroot 2010-08-03 12:33:05 ----D---- C:\Program Files\AskBarDis 2010-08-03 12:32:16 ----D---- C:\Users\***\AppData\Roaming\Samsung 2010-08-03 12:32:05 ----SHD---- C:\Windows\Installer 2010-08-03 11:08:31 ----D---- C:\Program Files\Mozilla Thunderbird 2010-08-02 18:21:19 ----D---- C:\Users\***\AppData\Roaming\Skype 2010-08-02 16:09:46 ----D---- C:\Users\***\AppData\Roaming\skypePM 2010-08-01 20:37:25 ----D---- C:\Windows\ServiceProfiles 2010-08-01 13:12:37 ----HD---- C:\ProgramData 2010-07-30 20:55:06 ----D---- C:\Program Files\Mozilla Firefox 2010-07-29 09:20:22 ----D---- C:\Program Files\Windows Mail 2010-07-28 18:18:15 ----D---- C:\Users\***\AppData\Roaming\vlc 2010-07-23 16:16:54 ----D---- C:\Users\***\AppData\Roaming\dvdcss 2010-07-19 15:49:28 ----D---- C:\Film 2010-07-18 15:30:20 ----D---- C:\Bilder 2010-07-08 14:44:01 ----D---- C:\ProgramData\DVD Shrink ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-03-01 277784] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-12-29 717296] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784] R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2007-09-19 10216] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2008-07-12 5632] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936] R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2008-04-17 306299] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-10-05 12672] R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-05 8192] R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-09-04 99648] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-10 140800] R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2008-03-29 125328] R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-10-05 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-10-05 207360] R3 NETw4v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-19 2222080] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-30 7115072] R3 R5U870FLx86;R5U870 UVC Lower Filter ; C:\Windows\System32\Drivers\R5U870FLx86.sys [2007-10-30 75008] R3 R5U870FUx86;R5U870 UVC Upper Filter ; C:\Windows\System32\Drivers\R5U870FUx86.sys [2007-10-30 43904] R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-29 9344] R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-10-27 330240] R3 StillCam;Treiber für serielle Digitalkamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-19 9216] R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 812544] R3 usbvideo;R5U870 (UVC) ; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-10-05 659968] R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-19 16896] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-10-05 246784] S0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [] S3 61883;61883-Einheitsgerät; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696] S3 afmhedhq;afmhedhq; C:\Windows\system32\drivers\afmhedhq.sys [] S3 Avc;AVC-Gerät; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448] S3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160] S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904] S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696] S3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2007-10-10 81448] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-10-10 99880] S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2007-10-10 28464] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-10-10 17448] S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275] S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2009-04-17 9344] S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704] S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-03-11 55216] S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k750mdfl.sys [2005-03-11 6576] S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\Windows\system32\DRIVERS\k750mdm.sys [2005-03-11 89872] S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\Windows\system32\DRIVERS\k750mgmt.sys [2005-03-11 81728] S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\Windows\system32\DRIVERS\k750obex.sys [2005-03-11 79488] S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\Windows\system32\DRIVERS\s3017bus.sys [2007-12-10 83880] S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016] S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632] S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616] S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS); C:\Windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512] S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s3017obex.sys [2007-12-10 100648] S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\Windows\system32\DRIVERS\s3017unic.sys [2007-12-10 110120] S3 sembbus;SEMC WMC Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sembbus.sys [2008-02-06 260992] S3 sembcard;Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM); C:\Windows\system32\DRIVERS\sembcard.sys [2008-02-06 337408] S3 sembmdfl2;Sony Ericsson PC300 Wireless Modem Filter; C:\Windows\system32\DRIVERS\sembmdfl2.sys [2008-02-06 14976] S3 sembmdm2;Sony Ericsson PC300 Wireless Modem Driver; C:\Windows\system32\DRIVERS\sembmdm2.sys [2008-02-06 380672] S3 sembmgmt;Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\sembmgmt.sys [2008-02-06 343680] S3 sembnd5;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS); C:\Windows\system32\DRIVERS\sembnd5.sys [2008-02-06 24960] S3 sembunic;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM); C:\Windows\system32\DRIVERS\sembunic.sys [2008-02-06 344064] S3 sembwwan;Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM); C:\Windows\system32\DRIVERS\sembwwan.sys [2008-02-06 337408] S3 SEMCReserved;SEMC Reserved Interface; C:\Windows\system32\DRIVERS\semcreserved.sys [2008-02-15 17408] S3 Sony_EricssonWWSC;Sony Ericsson SIM Card Reader; C:\Windows\system32\DRIVERS\sesc.sys [2007-08-14 12672] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-02-13 128104] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-07-31 267432] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176] R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2008-04-17 1528608] R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\stacsv.exe [2007-10-27 102400] R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2007-08-14 182392] R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2007-08-28 192512] R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2007-08-28 131072] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-05 386560] R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472] R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2007-06-28 274432] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-11 133104] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-08-12 654848] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-11-02 1838592] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-11-02 138168] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344] S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632] S3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2007-06-28 73728] S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2007-06-20 2523136] S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312] S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536] S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2007-06-20 499712] S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472] S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312] S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-09-28 292128] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2007-09-20 79136] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] -----------------EOF----------------- Danke für die Hilfe! |
|
03.08.2010, 18:09
| #2 |
| /// Selecta Jahrusso   | Viele Bluescreens, dann Schlachtmusik Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist. Vista und Win7 User Alle Tools mit Rechtsklick "als Administrator ausführen" starten. Schritt 1 Poste mir bitte die aktuelle Logfile von Malwarebytes Starte Malwarebytes--> Reiter Scan-Berichte--> klick auf den aktuellsten Bericht--> es öffnet sich automatisch ein Text-Dokument Schritt 2 Downloade Dir bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
Poste mir bitte den Inhalt des .txt Dokumentes
__________________ |
|
03.08.2010, 22:22
| #3 | |||
| | Viele Bluescreens, dann Schlachtmusik Hallo Daniel,
__________________danke für Deine Antwort! Ah richtig, Malwarebytes-Log. Ich hatte heute Nachmittag einen Quickscan gemacht, hier der Log davon: Zitat:
Zitat:
Zitat:
|
|
03.08.2010, 23:46
| #4 |
| /// Selecta Jahrusso | Viele Bluescreens, dann Schlachtmusik Lösche bitte die vorhandenen MBRCheck.txt. Starte bitte MBRCheck.exe erneut. Diesmal tippe in das Fenster folgendes ein und bestätige jede Eingabe mit Enter bei
Nun findest Du 2 MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop. Poste mir den Inhalt von beiden .txt Dokumenten
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
04.08.2010, 11:27
| #5 | ||
| | Viele Bluescreens, dann Schlachtmusik Ok, erledigt. Hier das erste Dokument: Zitat:
Zitat:
|
|
04.08.2010, 12:33
| #6 |
| /// Selecta Jahrusso | Viele Bluescreens, dann SchlachtmusikCombofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!Lade ComboFix von einem der unten aufgeführten Links herunter. Du musst diese umbenennen, bevor Du es auf den Desktop speicherst. Speichere ComboFix auf deinen Desktop.**NB: Es ist wichtig, das ComboFix.exe auf dem Desktop gespeichert wird**  
__________________ --> Viele Bluescreens, dann Schlachtmusik |
|
| Themen zu Viele Bluescreens, dann Schlachtmusik |
| 32 bit, ad-aware, antivir, antivir guard, avira, bluescree, bluescreen, bonjour, browser, data restore, desktop, device driver, diagnostics, error, firefox, flash player, fontcache, google, hdaudio.sys, hijackthis, home, home premium, iastor.sys, install.exe, logfile, msiexec.exe, not less, nvlddmkm.sys, office 2007, plug-in, problem, programdata, proxy, safer networking, schattenkopien, schlachtmusik, security, server, software, sptd.sys, staropen, start menu, studio, symantec, system, usbvideo.sys, video converter, vista, vista 32, vista 32 bit, windows, windows-defender |
Hybrid-Darstellung
