Trojaner-Board - ich weiß nicht mehr weiter =(

hi,

hab das so gemacht wie du beschrieben hast, alle 3 haben "leider" nix gefunden hier die ergebnisse:

Dateiname : Software4u.UpdateServer.exe
Größe : 36864 byte
Typ : MS Windows PE 32-bit Intel 80386 GUI executable
MD5 : 65e1ca3b0e909dcb8804ec2dd358d284
SHA1 : d00f9786bf2824e7fad13da640c8ea86e0f32db1

deine Vermutung war korrekt hab einen Fujitsu Siemens Computer,

Code:

Deckard's System Scanner v20071014.68

Run by Conan on 2008-06-22 14:20:15

Computer is in Normal Mode.

--------------------------------------------------------------------------------
 

-- Last 2 Restore Point(s) --

2: 2008-06-22 11:36:26 UTC - RP270 - Windows Live Anmelde-Assistent wird entfernt

1: 2008-06-22 11:23:59 UTC - RP269 - Removed Microsoft Office Enterprise 2007
 
 

Backed up registry hives.

Performed disk cleanup.
 
 
 

-- HijackThis (run as Conan.exe) -----------------------------------------------
 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:23:52, on 22.06.2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.17184)

Boot mode: Normal
 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

c:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Spyware Doctor\pctsAuxs.exe

C:\Program Files\Spyware Doctor\pctsSvc.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Spyware Doctor\pctsTray.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Windows\system32\conime.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Windows\System32\mobsync.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Users\Conan\AppData\Local\ucsesai.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Conan\Desktop\dss.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Conan\Desktop\NEUERO~1\Conan.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe
 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.de/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Skytel] Skytel.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"

O4 - HKLM\..\Run: [Software4u-UpdateServer] C:\Program Files\S.A.D\Registry CleanUP 2008\Software4u.UpdateServer.exe

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [fsc-reg] C:\ProgramData\fsc-reg\fscreg.exe 20080611

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [BLASC] "C:\Program Files\buffed\BLASC.exe" silent

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [ucsesai] c:\users\conan\appdata\local\ucsesai.exe ucsesai

O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')

O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O13 - Gopher Prefix: 

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: FSCLBaseUpdaterService - Unknown owner - c:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe

O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
 

--

End of file - 9298 bytes
 

-- File Associations -----------------------------------------------------------
 

All associations okay.
 
 

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
 

S3 MOUSEWDFilter - \??\c:\windows\system32\drivers\mousewd.sys
 
 

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
 

R2 FSCLBaseUpdaterService - "c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe" <Not Verified; ; FSCWBaseUpdaterService>
 

S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)

S3 gusvc (Google Updater Service) - "c:\program files\google\common\google updater\googleupdaterservice.exe" (file missing)

S3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
 
 

-- Device Manager: Disabled ----------------------------------------------------
 

No disabled devices found.
 
 

-- Scheduled Tasks -------------------------------------------------------------
 

2008-06-20 16:31:59       408 --a------ C:\Windows\Tasks\Norton Security Scan.job
 
 

-- Files created between 2008-05-22 and 2008-06-22 -----------------------------
 

2008-06-22 11:54:00         0 d-------- C:\Users\All Users\Office Genuine Advantage

2008-06-22 11:10:40         0 d-------- C:\Program Files\Panda Security

2008-06-22 10:38:30     21129 --a------ C:\Windows\system32\msdx92.dll

2008-06-22 10:38:30         0 d-------- C:\Users\All Users\Software4u

2008-06-22 10:38:15         0 d-------- C:\Program Files\S.A.D

2008-06-22 10:18:24         0 d-------- C:\!KillBox

2008-06-17 13:29:23        23 --ahs---- C:\Windows\system32\dadbd_g.dll

2008-06-17 13:00:39         0 d-------- C:\Program Files\Web Photo Album

2008-06-17 13:00:36         0 d-------- C:\Program Files\Jpeg Enhancer

2008-06-14 16:37:54         0 d-------- C:\Program Files\Common Files\SWF Studio

2008-06-14 16:37:52   1305232 --a------ C:\Windows\ZDFheute_Bildschirmschoner.scr <Not Verified; ZDF; ZDFheute Bildschirmschoner>

2008-06-14 16:37:52     45056 --a------ C:\Windows\NCUNINST.EXe <Not Verified; Northern Codeworks; Uninstall>

2008-06-14 16:37:52     69632 --a------ C:\Windows\NCLAUNCH.EXe <Not Verified; Northcode Inc.; SWF Studio Launcher>

2008-06-06 19:36:11         0 d-------- C:\Users\Conan\Application Data

2008-06-06 19:36:11         0 d-------- C:\Users\Conan\Application Data\Adobe

2008-06-06 19:36:06         0 d-------- C:\Program Files\Adobe Media Player
 
 

-- Find3M Report ---------------------------------------------------------------
 

2008-06-22 14:13:19         0 d-------- C:\Users\Conan\AppData\Roaming\StarOffice8

2008-06-22 13:59:10         0 d-------- C:\Users\Conan\AppData\Roaming\Xfire

2008-06-22 13:56:11        12 --a------ C:\Windows\bthservsdp.dat

2008-06-22 13:52:24         0 d-------- C:\Users\Conan\AppData\Roaming\uTorrent

2008-06-22 12:16:40         0 d-------- C:\Users\Conan\AppData\Roaming\OpenOffice.org2

2008-06-22 12:14:44         0 --a------ C:\Users\Conan\AppData\Roaming\wklnhst.dat

2008-06-22 10:38:28         0 d-------- C:\Users\Conan\AppData\Roaming\Software4u

2008-06-22 10:32:43         0 d-------- C:\Program Files\Windows Live

2008-06-22 05:32:21         0 d-------- C:\Program Files\Common Files\Symantec Shared

2008-06-20 20:03:40         0 d-------- C:\Program Files\Spyware Doctor

2008-06-20 19:59:45    618192 --a------ C:\Windows\system32\perfh007.dat

2008-06-20 19:59:45    122442 --a------ C:\Windows\system32\perfc007.dat

2008-06-20 15:00:00         0 d-------- C:\Program Files\Norton Security Scan

2008-06-19 18:36:26         0 d-------- C:\Users\Conan\AppData\Roaming\teamspeak2

2008-06-17 13:01:54         0 d-------- C:\Users\Conan\AppData\Roaming\PanoramaStudio

2008-06-14 16:37:54         0 d-------- C:\Program Files\Common Files

2008-06-13 13:27:25         0 d-------- C:\Program Files\Windows Mail

2008-06-10 12:50:53         0 d-------- C:\Program Files\Xfire

2008-06-07 21:44:01         0 d-------- C:\Program Files\Common Files\Adobe

2008-06-07 17:42:43         0 d-------- C:\Program Files\Google

2008-06-06 19:35:33         0 d-------- C:\Users\Conan\AppData\Roaming\Adobe

2008-05-20 18:04:49         0 d-------- C:\Program Files\buffed

2008-05-10 19:14:00         0 d-------- C:\Program Files\ICQLite

2008-05-01 20:48:28         0 d-------- C:\Program Files\Common Files\xing shared

2008-05-01 20:48:23         0 d-------- C:\Program Files\Common Files\Real

2008-04-26 20:48:51         0 d-------- C:\Users\Conan\AppData\Roaming\Nokia

2008-04-26 20:35:29         0 d-------- C:\Users\Conan\AppData\Roaming\Nokia Multimedia Player

2008-04-26 20:33:56         0 d-------- C:\Users\Conan\AppData\Roaming\PC Suite

2008-04-26 20:31:34         0 d-------- C:\Program Files\Common Files\Nokia

2008-04-26 20:31:32         0 d-------- C:\Program Files\Common Files\PCSuite

2008-04-26 20:31:28         0 d-------- C:\Program Files\Nokia

2008-04-26 20:31:18         0 d-------- C:\Program Files\DIFX

2008-04-26 20:30:25         0 d-------- C:\Program Files\PC Connectivity Solution

2008-04-22 23:15:45         0 d-------- C:\Program Files\Winamp Remote
 
 

-- Registry Dump ---------------------------------------------------------------
 

*Note* empty entries & legit default entries are not shown
 
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [19.01.2008 09:38]

"RtHDVCpl"="RtHDVCpl.exe" [01.10.2007 11:53 C:\Windows\RtHDVCpl.exe]

"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [26.02.2007 21:46]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22.02.2008 05:25]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [16.05.2008 01:19]

"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [11.07.2006 12:15]

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [24.08.2007 08:00]

"Skytel"="Skytel.exe" [03.08.2007 13:22 C:\Windows\SkyTel.exe]

"NvSvc"="C:\Windows\system32\nvsvc.dll" [06.11.2007 21:00]

"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [06.11.2007 21:00]

"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [06.11.2007 21:00]

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [01.05.2008 20:47]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11.01.2008 22:16]

"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [01.02.2008 12:55]

"Software4u-UpdateServer"="C:\Program Files\S.A.D\Registry CleanUP 2008\Software4u.UpdateServer.exe" [28.05.2008 14:41]
 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [19.01.2008 09:33]

"fsc-reg"="C:\ProgramData\fsc-reg\fscreg.exe" [08.11.2007 15:38]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [19.01.2008 09:33]

"BLASC"="C:\Program Files\buffed\BLASC.exe" [20.05.2008 18:05]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [19.01.2008 09:33]

"ucsesai"="c:\users\conan\appdata\local\ucsesai.exe" [20.06.2008 12:33]
 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]

"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe -trayboot
 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 

C:\Users\Conan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Xfire.lnk - C:\Program Files\Xfire\xfire.exe [03.06.2008 02:56:46]
 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"=2 (0x2)

"EnableUIADesktopToggle"=0 (0x0)
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

@="Service"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

@="Service"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

@="Service"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

@="Service"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

@="Service"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

@="Service"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

@="Service"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

@="Service"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

@="Service"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

@="Service"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

@="Driver"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

@="Driver"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

@="Volume shadow copy"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

@="IEEE 1394 Bus host controllers"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

@="SBP2 IEEE 1394 Devices"
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

@="SecurityDevices"
 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalService        nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc

LocalSystemNetworkRestricted        hidserv WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum UxSms

bthsvcs        BthServ
 
 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]

C:\Windows\system32\unregmp2.exe /ShowWMP
 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
 
 
 

-- Hosts -----------------------------------------------------------------------
 

127.0.0.1        www.007guard.com

127.0.0.1        007guard.com

127.0.0.1        008i.com

127.0.0.1        www.008k.com

127.0.0.1        008k.com

127.0.0.1        www.00hq.com

127.0.0.1        00hq.com

127.0.0.1        010402.com

127.0.0.1        www.032439.com

127.0.0.1        032439.com
 

8032 more entries in hosts file.
 
 

-- End of Deckard's System Scanner: finished at 2008-06-22 14:25:43 ------------

hat nicht beides aufgepasst also hier ist teil 2 der "extra.txt"

Code:

Deckard's System Scanner v20071014.68

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------
 

-- System Information ----------------------------------------------------------
 

Microsoft® Windows Vista™ Home Premium  (build 6001) SP 1.0

Architecture: X86; Language: German
 

CPU 0: Intel(R) Core(TM)2 Quad CPU    Q6600  @ 2.40GHz

Percentage of Memory in Use: 42%

Physical Memory (total/avail): 2046.58 MiB / 1168.19 MiB

Pagefile Memory (total/avail): 4334.22 MiB / 3260.23 MiB

Virtual Memory (total/avail): 2047.88 MiB / 1885.2 MiB
 

C: is Fixed (NTFS) - 216.41 GiB total, 45.07 GiB free. 

D: is Fixed (NTFS) - 107.22 GiB total, 16.76 GiB free. 

E: is CDROM (No Media)

G: is Removable (No Media)

H: is Removable (No Media)

I: is Removable (No Media)

J: is Removable (No Media)

K: is Removable (No Media)
 

\\.\PHYSICALDRIVE0 - ST3360320AS ATA Device - 335.35 GiB - 3 partitions

  \PARTITION0 - Unknown - 11.72 GiB

  \PARTITION1 (bootable) - Installierbares Dateisystem - 216.41 GiB - C:

  \PARTITION2 - Installierbares Dateisystem - 107.22 GiB - D:
 

\\.\PHYSICALDRIVE1 - Generic 2.0 Reader    -0 USB Device
 

\\.\PHYSICALDRIVE2 - Generic 2.0 Reader    -1 USB Device
 

\\.\PHYSICALDRIVE3 - Generic 2.0 Reader    -2 USB Device
 

\\.\PHYSICALDRIVE4 - Generic 2.0 Reader    -3 USB Device
 

\\.\PHYSICALDRIVE5 - Generic 2.0 Reader    -4 USB Device
 
 
 

-- Security Center -------------------------------------------------------------
 

AUOptions is scheduled to auto-install.

Windows Internal Firewall is enabled.
 

AV: avast! antivirus 4.8.1201 [VPS 080621-0] v4.8.1201 (ALWIL Software)

AS: Spyware Doctor v5.5.0.204 (PC Tools)

AS: Windows-Defender v1.1.1505.0 (Microsoft Corporation)

AS: avast! antivirus 4.8.1201 [VPS 080621-0] v4.8.1201 (ALWIL Software)
 

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 

-- Environment Variables -------------------------------------------------------
 

ALLUSERSPROFILE=C:\ProgramData

APPDATA=C:\Users\Conan\AppData\Roaming

CommonProgramFiles=C:\Program Files\Common Files

COMPUTERNAME=HOME

ComSpec=C:\Windows\system32\cmd.exe

FP_NO_HOST_CHECK=NO

HOMEDRIVE=C:

HOMEPATH=\Users\Conan

LOCALAPPDATA=C:\Users\Conan\AppData\Local

LOGONSERVER=\\HOME

NUMBER_OF_PROCESSORS=4

OS=Windows_NT

Path=C:\Program Files\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Ulead Systems\MPEG

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel

PROCESSOR_LEVEL=6

PROCESSOR_REVISION=0f0b

ProgramData=C:\ProgramData

ProgramFiles=C:\Program Files

PROMPT=$P$G

PUBLIC=C:\Users\Public

SystemDrive=C:

SystemRoot=C:\Windows

TEMP=C:\Users\Conan\AppData\Local\Temp

TMP=C:\Users\Conan\AppData\Local\Temp

USERDOMAIN=Home

USERNAME=Conan

USERPROFILE=C:\Users\Conan

windir=C:\Windows
 
 

-- User Profiles ---------------------------------------------------------------
 

Conan
 
 

-- Add/Remove Programs ---------------------------------------------------------
 

 --> "C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}

 --> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL

 --> C:\Windows\UNNeroMediaHome.exe /UNINSTALL

 --> C:\Windows\UNNeroShowTime.exe /UNINSTALL

 --> C:\Windows\UNNeroVision.exe /UNINSTALL

 --> C:\Windows\UNRecode.exe /UNINSTALL

 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34449598-3F4B-43B5-A996-84A7345FD15F}\setup.exe" -l0x9 

 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B95708FA-609B-4F7F-A50C-76D2338464AE}\setup.exe" -l0x9 

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE

Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Media Player --> MsiExec.exe /I{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}

Adobe Reader 8.1.2 - Deutsch --> MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81200000003}

µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL

avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup

BLASC 2.0 --> C:\Program Files\buffed\UnInstaller.exe

Free Video to Mp3 Converter version 2.8 --> "C:\Program Files\DVDVideoSoft\Free Video to Mp3 Converter\unins000.exe"

Free YouTube to Mp3 Converter version 2.4 --> "C:\Program Files\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe"

FSCLounge --> MsiExec.exe /I{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}

HijackThis 2.0.2 --> "C:\Users\Conan\Desktop\Neuer Ordner\HijackThis.exe" /uninstall

HyperMediaCenter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AE9C8073-B7CA-4BE3-BC3A-8797109343BE}\Setup.exe" -l0x7 

ICQ 5.1 --> C:\Program Files\ICQLite\ICQLiteUninstall.EXE

InstallRTC --> MsiExec.exe /X{200F584F-848D-4B6B-B1A1-C74D735F18A4}

Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}

Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Kaspersky Online Scanner --> C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe

Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}

Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}

Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL

Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}

Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}

Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}

Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}

Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}

Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint Viewer 2007 (German) --> MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}

Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}

Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}

Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Works --> MsiExec.exe /I{39D0E034-1042-4905-BECB-5502909FCB7C}

MobMap 1.58 --> "C:\Users\Conan\Saved Games\World of Warcraft\Interface\AddOns\MobMapUpdater\unins000.exe"

Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSVC80_x86 --> MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}

Nero 7 Essentials --> MsiExec.exe /X{81CD6232-10F5-4832-B3DA-1B88B1571031}

Nokia Connectivity Cable Driver --> MsiExec.exe /X{4F1DCA42-2030-437C-A94E-736692A499C1}

Nokia Multimedia Factory --> "C:\ProgramData\Installations\{4CFB3821-1582-4f3b-BF8D-30986923B36B}\Nokia_Multimedia_Factory_2_0.exe" /MAINTENANCE /SILENT="SWLPCER" /LANG="2057" /MSI_COMMON_OPTIONS="PCSLANG= MMFLANG=eng"

Nokia Multimedia Factory --> MsiExec.exe /I{4CFB3821-1582-4F3B-BF8D-30986923B36B}

Nokia PC Suite --> C:\ProgramData\Installations\{9C05FA75-0337-4523-AA57-9D3511018887}\Nokia_PC_Suite_rel_6_86_9_3_ger_web.exe

Nokia PC Suite --> MsiExec.exe /I{9C05FA75-0337-4523-AA57-9D3511018887}

Nokia Video Manager --> "C:\ProgramData\Installations\{B1B4E612-9ACC-4fab-BD04-1721D9503266}\NokiaVideoManager1.6.exe" /MAINTENANCE /SILENT="SGWLRPFCE" /LANG="1031" /O=";EXTUNINSTALL=1"

Nokia Video Manager --> MsiExec.exe /I{B1B4E612-9ACC-4FAB-BD04-1721D9503266}

Norton Security Scan --> MsiExec.exe /I{D4D9F101-9C35-477E-88FC-935415CD9916}

NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI

OpenOffice.org 2.3 --> MsiExec.exe /I{DD5B65F7-7CA5-4DE4-AEE7-7E8F26BF78F5}

PC Connectivity Solution --> MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}

Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"

Realtek High Definition Audio Driver --> RtlUpd.exe -r -m

Registry CleanUP 2008 --> "C:\Program Files\S.A.D\Registry CleanUP 2008\unins000.exe"

RegSupreme --> "C:\Program Files\RegSupreme\unins000.exe"

Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}

Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}

Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}

Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}

Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}

Security Update for Visio 2007 (KB947590) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}

Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG

StarOffice 8 --> MsiExec.exe /I{0ED5C5EF-1BA0-4289-B71F-BACBE1F7EEAE}

StarOffice 8 Product Update 9 --> MsiExec.exe /X{EDB8BB14-ED14-4AEF-BACC-DE952E56F57E}

TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"

Update for Office 2007 (KB946691) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Update for Outlook 2007 Junk Email Filter (kb950378) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F6296086-AED5-4EC0-938B-08EA0254F20E}

Vista Codec Package --> MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}

Winamp --> "C:\Program Files\Winamp\UninstWA.exe"

Windows-Treiberpaket - Nokia Modem (03/05/2008 3.7) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_ce5ad925\nokia_bluetooth.inf

Windows-Treiberpaket - Nokia Modem (03/13/2008 6.86.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_674398ba\nokbtmdm.inf

Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf

Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}

Windows Live installer --> MsiExec.exe /X{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}

Windows Live OneCare safety scanner --> MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}

Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

Windows Media Tools 4.0 --> C:\Program Files\Windows Media Components\Tools\_insttoo.exe /U

WinRAR --> C:\Program Files\WinRAR\uninstall.exe

World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\WORLD OF WARCRAFT\Uninstall.exe

Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe"

Zoom Player (remove only) --> "C:\Program Files\Zoom Player\uninstall.exe"
 
 

-- Application Event Log -------------------------------------------------------
 

Event Record #/Type25358 / Success

Event Submitted/Written: 06/22/2008 01:57:18 PM

Event ID/Source: 5617 / WinMgmt

Event Description:
 
 

Event Record #/Type25357 / Success

Event Submitted/Written: 06/22/2008 01:57:15 PM

Event ID/Source: 5615 / WinMgmt

Event Description:
 
 

Event Record #/Type25354 / Success

Event Submitted/Written: 06/22/2008 01:57:11 PM

Event ID/Source: 902 / Software Licensing Service

Event Description:

Der Softwarelizenzierungsdienst wurde gestartet.
 

Event Record #/Type25340 / Warning

Event Submitted/Written: 06/22/2008 01:56:01 PM

Event ID/Source: 1530 / profsvc

Event Description:

Es wurde festgestellt, dass Ihre Registrierungsdatei noch von anderen Anwendungen oder Diensten verwendet wird. Die Datei wird nun entladen. Die Anwendungen oder Dienste, die Ihre Registrierungsdatei anhalten, funktionieren anschließend u. U. nicht mehr ordnungsgemäß.  
 

 DETAIL - 

 1 user registry handles leaked from \Registry\User\S-1-5-21-1436272777-3953240225-3870684877-1000_Classes:

Process 932 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1436272777-3953240225-3870684877-1000_CLASSES
 

Event Record #/Type25339 / Warning

Event Submitted/Written: 06/22/2008 01:55:59 PM

Event ID/Source: 1530 / profsvc

Event Description:

Es wurde festgestellt, dass Ihre Registrierungsdatei noch von anderen Anwendungen oder Diensten verwendet wird. Die Datei wird nun entladen. Die Anwendungen oder Dienste, die Ihre Registrierungsdatei anhalten, funktionieren anschließend u. U. nicht mehr ordnungsgemäß.  
 

 DETAIL - 

 1 user registry handles leaked from \Registry\User\S-1-5-21-1436272777-3953240225-3870684877-1000:

Process 932 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1436272777-3953240225-3870684877-1000
 
 
 

-- Security Event Log ----------------------------------------------------------
 

No Errors/Warnings found.
 
 

-- System Event Log ------------------------------------------------------------
 

Event Record #/Type54792 / Error

Event Submitted/Written: 06/22/2008 01:57:10 PM

Event ID/Source: 15016 / HTTP

Event Description:

\Device\Http\ReqQueueKerberos
 

Event Record #/Type54776 / Warning

Event Submitted/Written: 06/22/2008 01:56:16 PM

Event ID/Source: 4001 / Microsoft-Windows-WLAN-AutoConfig

Event Description:
 
 

Event Record #/Type54753 / Warning

Event Submitted/Written: 06/22/2008 01:55:47 PM

Event ID/Source: 3004 / WinDefend

Event Description:

Vom %Home27-Echtzeitschutz-Agent wurden Änderungen erkannt. Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Home27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen.
 

Weitere Informationen finden Sie im Folgenden:

%Home275
 

        Scan-ID: {C130A8F8-91D0-4520-844E-4CED24D78661}

 

        Benutzer: Home\Conan
 

        Name: %Home271
 

        ID: %Home272
 

        Schweregrad-ID: %Home273
 

        Kategorie-ID: %Home274
 

        Gefundener Pfad: %Home276
 

        Warnungsart: %Home278
 

        Feststellungstyp:  1.1.1600.02
 

Event Record #/Type54752 / Warning

Event Submitted/Written: 06/22/2008 01:55:47 PM

Event ID/Source: 3004 / WinDefend

Event Description:

Vom %Home27-Echtzeitschutz-Agent wurden Änderungen erkannt. Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Home27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen.
 

Weitere Informationen finden Sie im Folgenden:

%Home275
 

        Scan-ID: {C43C793C-65DC-4249-B789-B84DEAF3FE29}

 

        Benutzer: Home\Conan
 

        Name: %Home271
 

        ID: %Home272
 

        Schweregrad-ID: %Home273
 

        Kategorie-ID: %Home274
 

        Gefundener Pfad: %Home276
 

        Warnungsart: %Home278
 

        Feststellungstyp:  1.1.1600.02
 

Event Record #/Type54751 / Error

Event Submitted/Written: 06/22/2008 01:55:47 PM

Event ID/Source: 10010 / DCOM

Event Description:

{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
 
 

-- End of Deckard's System Scanner: finished at 2008-06-22 14:25:43 ------------