Trojaner-Board
Seite 4 von 6 « Erste 23 4 56
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Infiziert? (https://www.trojaner-board.de/75270-infiziert.html)

john.doe 17.07.2009 21:29
Schau dir das VT-Ergebnis an:
Code:
Datei ESQULcrlbgpsvaxtvndqqnxxoquvgvupx empfangen 2009.07.15 23:03:05 (UTC)
Status:    Beendet
Ergebnis: 3/41 (7.32%)
 Filter
Drucken der Ergebnisse  Antivirus        Version        letzte aktualisierung        Ergebnis
a-squared        4.5.0.24        2009.07.15        -
AhnLab-V3        5.0.0.2        2009.07.15        -
AntiVir        7.9.0.215        2009.07.15        -
Antiy-AVL        2.0.3.7        2009.07.15        -
Authentium        5.1.2.4        2009.07.16        -
Avast        4.8.1335.0        2009.07.15        -
AVG        8.5.0.387        2009.07.15        -
BitDefender        7.2        2009.07.16        -
CAT-QuickHeal        10.00        2009.07.15        -
ClamAV        0.94.1        2009.07.15        -
Comodo        1663        2009.07.16        -
DrWeb        5.0.0.12182        2009.07.15        -
eSafe        7.0.17.0        2009.07.15        -
eTrust-Vet        31.6.6617        2009.07.15        -
F-Prot        4.4.4.56        2009.07.16        -
F-Secure        8.0.14470.0        2009.07.15        -
Fortinet        3.120.0.0        2009.07.15        -
GData        19        2009.07.15        -
Ikarus        T3.1.1.64.0        2009.07.15        -
Jiangmin        11.0.706        2009.07.15        -
K7AntiVirus        7.10.793        2009.07.15        -
Kaspersky        7.0.0.125        2009.07.16        -
McAfee        5677        2009.07.15        -
McAfee+Artemis        5677        2009.07.15        -
McAfee-GW-Edition        6.8.5        2009.07.15        -
Microsoft        1.4803        2009.07.16        VirTool:Win32/Obfuscator.ER
NOD32        4247        2009.07.15        -
Norman        6.01.09        2009.07.15        -
nProtect        2009.1.8.0        2009.07.15        -
Panda        10.0.0.14        2009.07.15        -
PCTools        4.4.2.0        2009.07.15        -
Prevx        3.0        2009.07.16        High Risk Cloaked Malware
Rising        21.38.24.00        2009.07.15        -
Sophos        4.43.0        2009.07.15        -
Sunbelt        3.2.1858.2        2009.07.15        -
Symantec        1.4.4.12        2009.07.16        Suspicious.Vundo.2
TheHacker        6.3.4.3.368        2009.07.15        -
TrendMicro        8.950.0.1094        2009.07.15        -
VBA32        3.12.10.8        2009.07.15        -
ViRobot        2009.7.15.1837        2009.07.15        -
VirusBuster        4.6.5.0        2009.07.15        -
weitere Informationen
File size: 23552 bytes
MD5...: db4997444d76434e325050c090b2efd0
SHA1..: 18bbb4ce71310704533018075cc0c96423717878
SHA256: 51bdd7a2cc1ba343884e4bc6b6c8015719c162d72f405e65a95b3748b00b0d9c
ssdeep: 384:U8Y+Y+GmLiTwYRd5miLiIMhv2zP7n6OTu8JuGrj1:U8wmLiTwYr5m7IMhuz5
Tuur
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.2%)
Clipper DOS Executable (9.1%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1ba0
timedatestamp.....: 0x4588ab51 (Wed Dec 20 03:17:37 2006)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x246c 0x2000 5.67 ef3748688ff1ad621c4440174d387826
.data 0x4000 0x1863 0x800 2.53 a700095863e2c6898515aa6560eca25c
.rdata 0x6000 0x383c 0x1400 5.42 8855869c1ce8c2329da8cab68783b134
.edata 0xa000 0x28ad 0xc00 3.05 bb966077cbc634aa3da2a3bd54723d6e
.rsrc 0xd000 0x862 0x800 0.00 c99a74c555371a433d121f551d6c6398
.reloc 0xe000 0x82f 0x800 3.95 07f5f5e06c84805c990e53240827ad5f

( 6 imports )
> KERNEL32.DLL: VirtualFree, GetCurrentProcess, GetModuleHandleW, VirtualAlloc, ExitProcess, GlobalAlloc, FindFirstFileA, GetFileType, ResumeThread, GetProcessHeap
> msvcrt.dll: __p__fmode, realloc, __p__commode, __set_app_type
> GDI32.DLL: AngleArc, GdiGetDC, GetCurrentObject, ExcludeClipRect
> OLE32.DLL: CoGetInterfaceAndReleaseStream, OleLoadFromStream
> ADVAPI32.DLL: QueryServiceStatus, OpenSCManagerW, RegFlushKey, EqualSid, GetUserNameA, OpenServiceW, RegCreateKeyW, StartServiceCtrlDispatcherA
> version.dll: VerQueryValueA, GetFileVersionInfoW, GetFileVersionInfoSizeA, GetFileVersionInfoA

( 2 exports )
DzrcJqTHbbgrgf, ZriWYSvxIgg
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=12A3CABE0000AA245C6F00259D6ABA00ABB30703' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=12A3CABE0000AA245C6F00259D6ABA00ABB30703</a>
Noch Fragen? :D

1.) Deinstalliere SuperAntiSpyware

2.) Panda Active Scan
Folgende Seite führt dich durch die Installation: PandaActiveScan2.0 Installation

Drücke auf Jetzt Scannen!

Eine Registrierung ist nicht erforderlich!

Nachdem der Scan abgeschlossen ist drücke auf das Text-Icon Export und speichere das log auf dem Desktop.
Öffne die Datei ActiveScan.txt die sich nun auf deinem Desktop befindet und poste uns den Inhalt.
3.) Überprüfe den Rechner mit PrevXCSI. Poste ein Screenshot falls etwas gefunden werden sollte.

ciao, andreas

der_gizmo 17.07.2009 22:01
7% ?
Wo fang ich mir nur immer so Dinger ein (vor zwei Wochen H1N1... jetzt sowas... ich fang so langsam schon an zu glauben, dass ich meinen PC angesteckt hab... :affe: )

Da ich morgen (an einem Samstag...) aber zeitig raus muss, werd ich mich nun schlafen legen, das Scan-Ergebnis liefer ich morgen früh nach, falls ich aus irgendeinem Grund Schlafstörungen habe, eventuell schon früher... ;)

john.doe 17.07.2009 22:07
http://www.hofnik.omb-systems.com/pics/abinsbett.JPG

ciao, andreas

der_gizmo 18.07.2009 11:35
Panda:

Code:
;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-07-18 12:33:33
PROTECTIONS: 1
MALWARE: 13
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description                                  Version                      Active    Updated
;===================================================================================================================================================================================
AntiVir Desktop                              9.0.1.30                      No        Yes
;===================================================================================================================================================================================
MALWARE
Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
;===================================================================================================================================================================================
00041402  Exploit/MS04-022.gen              HackTools          No        0        Yes            No          C:\WINDOWS\Installer\29566.msp[unk_0007]
00139061  Cookie/Doubleclick                TrackingCookie      No        0        Yes            No          C:\Dokumente und Einstellungen\kwam\Cookies\kwam@doubleclick[1].txt
00139061  Cookie/Doubleclick                TrackingCookie      No        0        Yes            No          C:\WINDOWS\system32\config\systemprofile\Cookies\system@doubleclick[1].txt
00145393  Cookie/Tradedoubler                TrackingCookie      No        0        Yes            No          C:\Dokumente und Einstellungen\kwam\Cookies\kwam@tradedoubler[1].txt
00149116  Cookie/Ccbill                      TrackingCookie      No        0        Yes            No          C:\Dokumente und Einstellungen\kwam\Cookies\kwam@ccbill[1].txt
00168056  Cookie/YieldManager                TrackingCookie      No        0        Yes            No          C:\WINDOWS\system32\config\systemprofile\Cookies\system@ad.yieldmanager[2].txt
00168109  Cookie/Adtech                      TrackingCookie      No        0        Yes            No          C:\WINDOWS\system32\config\systemprofile\Cookies\system@adtech[1].txt
00168109  Cookie/Adtech                      TrackingCookie      No        0        Yes            No          C:\Dokumente und Einstellungen\kwam\Cookies\kwam@adtech[1].txt
00262020  Cookie/Atwola                      TrackingCookie      No        0        Yes            No          C:\Dokumente und Einstellungen\kwam\Cookies\kwam@atwola[1].txt
00590315  Rootkit/Agent.LNB                  HackTools          No        0        Yes            No          C:\System Volume Information\_restore{B7ABC265-EE74-42B4-8042-29A10BC5CEA1}\RP274\A0089106.sys
01675833  Trj/SMSlock.C                      Virus/Trojan        No        0        No            No          C:\Dokumente und Einstellungen\kwam\Desktop\Qoobox.rar[Qoobox\Quarantine\C\cleanup.exe.vir]
03074964  Trj/CI.A                          Virus/Trojan        No        0        No            No          C:\Dokumente und Einstellungen\kwam\Desktop\Qoobox.rar[Qoobox\Quarantine\C\WINDOWS\system32\ESQULjwoaypplxqliosrhdgapirxxdnowqyin.dll.vir]
03432103  Bck/Ciadoor.FQ                    Virus/Trojan        No        1        Yes            No          C:\Dokumente und Einstellungen\kwam\Desktop\dud\ICQ Status Checker.exe
03738701  Generic Malware                    Virus/Trojan        No        0        Yes            No          C:\Programme\QIP\uninstall.exe
03912402  Bck/Ciadoor.FQ                    Virus/Trojan        No        1        Yes            No          C:\Dokumente und Einstellungen\kwam\Desktop\dud\ICQ Ignore Checker.exe
;===================================================================================================================================================================================
SUSPECTS
Sent      Location                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              `
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id        Severity  Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                `
;===================================================================================================================================================================================
;===================================================================================================================================================================================

der_gizmo 18.07.2009 11:40
PrevXCSI ging ja schnell. Hat auf jeden Fall nichts entdeckt.

john.doe 18.07.2009 11:47
1.) Lösche Qoobox.rar von deinem Desktop, die Dateien wurden schon an die AVP-Hersteller verschickt.

2.) Folgende Dateien würde ich dir auch dringend zum Löschen empfehlen:
Zitat:
C:\Dokumente und Einstellungen\kwam\Desktop\dud\ICQ Status Checker.exe
C:\Dokumente und Einstellungen\kwam\Desktop\dud\ICQ Ignore Checker.exe
3.) Die Datei
Zitat:
C:\Programme\QIP\uninstall.exe
bitte bei www.virustotal.com überprüfen lassen und hier den kompletten Bericht posten. Benutze bitte [ code]Bericht[ /code]-Befehle, dann ist die Darstellung besser. Alternativ kannst du in der Symbolleiste dass 4. Symbol von rechts => # benutzen.

4.) Deaktiviere die Systemwiederherstellung, im Verlauf der Infektion wurden auch Malwaredateien in Wiederherstellungspunkten mitgesichert - die sind alle nun unbrauchbar, da ein Zurücksetzen des System durch einen Wiederherstellungspunkt das System wahrscheinlich wieder infizieren würde.
Nach Neustart kann sie wieder aktiviert werden.

ciao, andreas

der_gizmo 18.07.2009 16:28
Die Dateiüberprüfung läuft nun bereits über 3h. Kann das sein, oder lief da irgendetwas schief?

john.doe 18.07.2009 16:32
Zitat:
Kann das sein, oder lief da irgendetwas schief?
Ganz sicher, klicke auf aktualisieren. Sollte das nicht helfen und die Datei kleiner als 3MB sein, kannst du sie auch bei uns uploaden => http://www.trojaner-board.de/54791-a...ner-board.html

ciao, andreas

der_gizmo 18.07.2009 16:39
Ok, F5 hat geholfen ;)


Code:
Antivirus        Version        letzte aktualisierung        Ergebnis
a-squared        4.5.0.24        2009.07.18        -
AhnLab-V3        5.0.0.2        2009.07.18        -
AntiVir        7.9.0.220        2009.07.17        -
Antiy-AVL        2.0.3.7        2009.07.17        -
Authentium        5.1.2.4        2009.07.18        -
Avast        4.8.1335.0        2009.07.17        -
AVG        8.5.0.387        2009.07.18        -
BitDefender        7.2        2009.07.18        -
CAT-QuickHeal        10.00        2009.07.17        -
ClamAV        0.94.1        2009.07.18        -
Comodo        1690        2009.07.18        -
DrWeb        5.0.0.12182        2009.07.18        -
eSafe        7.0.17.0        2009.07.16        Suspicious File
eTrust-Vet        31.6.6623        2009.07.18        -
F-Prot        4.4.4.56        2009.07.17        -
F-Secure        8.0.14470.0        2009.07.17        -
Fortinet        3.120.0.0        2009.07.18        -
GData        19        2009.07.18        -
Ikarus        T3.1.1.64.0        2009.07.18        -
Jiangmin        11.0.800        2009.07.18        -
K7AntiVirus        7.10.794        2009.07.16        Trojan.Win32.Malware.1
Kaspersky        7.0.0.125        2009.07.18        -
McAfee        5679        2009.07.17        -
McAfee+Artemis        5679        2009.07.17        -
McAfee-GW-Edition        6.8.5        2009.07.18        -
Microsoft        1.4803        2009.07.18        -
NOD32        4256        2009.07.18        -
Norman        6.01.09        2009.07.17        -
nProtect        2009.1.8.0        2009.07.18        -
Panda        10.0.0.14        2009.07.17        Generic Malware
PCTools        4.4.2.0        2009.07.17        -
Prevx        3.0        2009.07.18        High Risk Worm
Rising        21.38.52.00        2009.07.18        -
Sophos        4.43.0        2009.07.18        -
Sunbelt        3.2.1858.2        2009.07.18        -
Symantec        1.4.4.12        2009.07.18        -
TheHacker        6.3.4.3.370        2009.07.17        -
TrendMicro        8.950.0.1094        2009.07.17        PAK_Generic.001
VBA32        3.12.10.8        2009.07.17        -
ViRobot        2009.7.17.1841        2009.07.17        -
VirusBuster        4.6.5.0        2009.07.16        -
weitere Informationen
File size: 10752 bytes
MD5  : 25116b532484c18ec775bc26914da309
SHA1  : 34313cc8e85585206167a14ccb5868060a569806
SHA256: b88e752f1647e7e10cd72ff49212a701f5b2b5445f93d46f0dd375bcd67c074b
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x9C90
timedatestamp.....: 0x43F654A2 (Fri Feb 17 23:56:34 2006)
machinetype.......: 0x14C (Intel I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x7000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x8000 0x2000 0x1E00 7.83 fc4ef447659b59cf04c5f06c45607d5f
.rsrc 0xA000 0x1000 0x800 3.36 c160677f97d54879bdc87533f8c2c760

( 7 imports )

> advapi32.dll: RegCloseKey
> kernel32.dll: LoadLibraryA, GetProcAddress, ExitProcess
> msvcp60.dll: __1_Winit@std@@QAE@XZ
> msvcrt.dll: exit
> ole32.dll: CoInitialize
> shell32.dll: SHGetMalloc
> user32.dll: GetFocus

( 0 exports )
TrID  : File type identification
39.5% (.EXE) UPX compressed Win32 Executable (30569/9/7)
34.3% (.EXE) Win32 EXE Yoda's Crypter (26569/9/4)
11.0% (.EXE) Win32 Executable Generic (8527/13/3)
9.8% (.DLL) Win32 Dynamic Link Library (generic) (7583/30/2)
2.5% (.EXE) Generic Win/DOS Executable (2002/3)
ssdeep: 192:agMMw34x7j4Dsw7zPTeCB04u9N2cQZMa+3EGrfaTsPI32hZP7C9WU5y:D/rdjsw9McQmpUGrjQGHP7Doy
Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=14183E20004B4AA72A13005869B4930050768941
PEiD  : UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
packers (Kaspersky): UPX
packers (F-Prot): UPX
CWSandbox: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=25116b532484c18ec775bc26914da309
RDS  : NSRL Reference Data Set

der_gizmo 18.07.2009 16:41
Liste der Anhänge anzeigen (Anzahl: 1)
Diesen S-Shot wollte ich eigentlich noch annhängen. Warum er nun nicht angezeigt wird, weiß ich nicht.

john.doe 18.07.2009 16:56
Die gleichen Dateien, die Panda auch angenörgelt hat, lösche beide, dann ist Ruhe.

1.) Wie geht es dem Rechner? Noch irgendwelche Auffälligkeiten?

2.) Poste neue RSIT-Logs => http://www.trojaner-board.de/74910-a...tion-tool.html

3.) Kaspersky - Onlinescanner

Dieser Scanner entfernt die Funde nicht, gibt aber einen guten Überblick über die vorhandene Malware.

---> hier herunterladen => Kaspersky Online Scanner
=> Hinweise zu älteren Versionen beachten!
=> Voraussetzung: Internet Explorer 6.0 oder höher
=> die nötigen ActiveX-Steuerelemente installieren => Update der Signaturen => Weiter
=> Scan-Einstellungen => Standard wählen => OK => Link "Arbeitsplatz" anklicken
=> Scan beginnt automatisch => Untersuchung wurde abgeschlossen => Protokoll speichern als
=> Dateityp auf .txt umstellen => auf dem Desktop als Kaspersky.txt speichern => Log hier posten
=> Deinstallation => Systemsteuerung => Software => Kaspersky Online Scanner entfernen

ciao, andreas

der_gizmo 18.07.2009 17:00
Nein, ich merke nichts mehr, allerdings ist das schon seit dem Avengerdurchlauf so der Fall.

der_gizmo 18.07.2009 17:05
Log, Teil I:

Code:
Logfile of random's system information tool 1.06 (written by random/random)
Run by kwam at 2009-07-18 18:03:55
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 132 GB (55%) free of 238 GB
Total RAM: 2046 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:03:56, on 18.07.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Programme\ICQ6Toolbar\ICQ Service.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\CardReader2.0\OTiReader.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Programme\Winamp\winampa.exe
C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Creative\MediaSource\Detector\CTDetect.exe
C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Programme\Gemeinsame Dateien\Teleca Shared\Generic.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Prevx\prevx.exe
C:\Programme\Prevx\prevx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\Programme\Winamp\winamp.exe
C:\Dokumente und Einstellungen\kwam\Desktop\RSIT(2).exe
C:\Programme\trend micro\kwam.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101677&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Programme\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Programme\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6.5\ICQ.exe" silent
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: CSIScanner - Prevx - C:\Programme\Prevx\prevx.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programme\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OTi Card Reader Service - Unknown owner - C:\Programme\CardReader2.0\OTiReader.exe

--
End of file - 9681 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\programme\google\googletoolbar1.dll [2008-10-24 2427968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-12-24 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\programme\google\googletoolbar1.dll [2008-10-24 2427968]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll [2008-10-14 863688]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Programme\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-05-13 7606272]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"CTHelper"=C:\WINDOWS\CTHELPER.EXE [2005-08-08 16384]
"CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2005-08-08 18944]
"D-Link AirPlus G"=C:\Programme\D-Link\AirPlus G\AirGCFG.exe [2005-07-22 1519616]
"ANIWZCS2Service"=C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2004-12-16 49152]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidTool.exe [2006-04-20 385024]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-04 16206848]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-04-24 1448960]
"Sony Ericsson PC Suite"=C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-03-28 593920]
"WinampAgent"=C:\Programme\Winamp\winampa.exe [2009-02-25 37888]
"AdobeCS4ServiceManager"=C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Acrobat Assistant 8.0"=C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"Adobe_ID0ENQBO"=C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Creative Detector"=C:\Programme\Creative\MediaSource\Detector\CTDetect.exe [2004-12-02 102400]
"Sony Ericsson PC Suite"=C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-02-16 405504]
"ICQ"=C:\Programme\ICQ6.5\ICQ.exe [2009-03-01 172792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-23 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cognac]
C:\DOKUME~1\kwam\LOKALE~1\Temp\b.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CRBroadCasting]
C:\Programme\CardReader2.0\CRBroadCasting.exe [2004-07-27 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Programme\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Programme\Skype\Phone\Skype.exe [2008-11-07 21633320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-24 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\ICQ6.5\ICQ.exe"="C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Dokumente und Einstellungen\kwam\Desktop\dud\Age Of Empires 2 & The Conquerors Expansion -\age2_x1.exe"="C:\Dokumente und Einstellungen\kwam\Desktop\dud\Age Of Empires 2 & The Conquerors Expansion -\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe"="C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - open - "C:\Programme\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2009-07-18 18:01:25 ----D---- C:\rsit
2009-07-18 12:36:18 ----D---- C:\Programme\Prevx
2009-07-18 12:36:14 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PrevxCSI
2009-07-18 12:36:14 ----A---- C:\WINDOWS\wininit.ini
2009-07-17 22:37:32 ----D---- C:\Programme\Panda Security
2009-07-17 22:35:59 ----SHD---- C:\Config.Msi
2009-07-17 20:08:39 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com
2009-07-17 20:08:22 ----D---- C:\Programme\SUPERAntiSpyware
2009-07-17 20:08:22 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\SUPERAntiSpyware.com
2009-07-17 18:10:00 ----SD---- C:\combo-fix
2009-07-17 10:11:31 ----A---- C:\ComboFix.txt
2009-07-17 09:56:36 ----D---- C:\WINDOWS\temp
2009-07-16 01:34:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-16 01:34:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-16 01:33:18 ----A---- C:\WINDOWS\imsins.BAK
2009-07-16 01:33:14 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-16 01:03:54 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\Malwarebytes
2009-07-16 00:51:18 ----A---- C:\Boot.bak
2009-07-16 00:51:10 ----D---- C:\cmdcons
2009-07-16 00:47:56 ----D---- C:\WINDOWS\ERDNT
2009-07-16 00:26:58 ----A---- C:\RootRepeal report 07-16-09 (00-26-58).txt
2009-07-15 23:23:19 ----A---- C:\RootRepeal report 07-15-09 (23-23-19).txt
2009-07-15 22:13:21 ----D---- C:\Programme\CCleaner
2009-07-15 15:15:13 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2009-07-15 15:15:13 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2009-07-14 22:35:27 ----D---- C:\Programme\Trend Micro
2009-07-14 20:46:52 ----D---- C:\WINDOWS\Minidump
2009-07-14 20:38:41 ----A---- C:\WINDOWS\Robota.INI
2009-07-14 20:38:36 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\MAGIX
2009-07-14 20:23:09 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2009-07-14 20:23:07 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2009-07-14 20:22:19 ----A---- C:\WINDOWS\system32\msxml4a.dll
2009-07-14 20:22:17 ----A---- C:\WINDOWS\system32\TTIC32.dll
2009-07-14 20:22:17 ----A---- C:\WINDOWS\system32\TTI32.dll
2009-07-14 20:22:17 ----A---- C:\WINDOWS\system32\STRING32.dll
2009-07-14 20:22:17 ----A---- C:\WINDOWS\system32\MXRestore.exe
2009-07-14 20:22:17 ----A---- C:\WINDOWS\system32\mgxcdr.txt
2009-07-14 20:22:17 ----A---- C:\WINDOWS\system32\mgxasio2.dll
2009-07-14 20:22:17 ----A---- C:\WINDOWS\system32\DLLTPO32.dll
2009-07-14 20:22:17 ----A---- C:\WINDOWS\system32\DLLRES32.dll
2009-07-14 20:22:17 ----A---- C:\WINDOWS\system32\DLLRD32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLPTL32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLPRJ32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLPRF32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLPNT32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLMSC32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLIX.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLISO32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLIO32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLIMG32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLDRV32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLDIR32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLDEV32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLCPY32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLCDF32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLCDA32.dll
2009-07-14 20:22:16 ----A---- C:\WINDOWS\system32\DLLAV32.dll
2009-07-14 20:21:38 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
2009-07-14 20:21:23 ----A---- C:\WINDOWS\system32\DLLDEV32i.dll
2009-07-14 20:21:10 ----D---- C:\WINDOWS\system32\MAGIX
2009-07-14 20:21:10 ----A---- C:\WINDOWS\system32\mgxoschk.dll
2009-07-14 20:21:10 ----A---- C:\WINDOWS\mgxoschk.ini
2009-07-14 19:27:31 ----D---- C:\Programme\Audacity
2009-07-10 20:47:49 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-07-10 20:47:08 ----A---- C:\WINDOWS\system32\psisdecd.dll
2009-07-10 20:47:02 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2009-07-07 18:30:23 ----D---- C:\Programme\Avira
2009-07-07 18:30:23 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
2009-07-06 22:52:05 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\com.adobe.ExMan
2009-07-02 21:11:46 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\Apple Computer
2009-06-24 00:06:08 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-06-24 00:05:48 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-06-22 15:26:19 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
2009-06-22 15:22:16 ----A---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpe146.dll
2009-06-22 15:12:11 ----D---- C:\Programme\Gemeinsame Dateien\Sony Shared
2009-06-22 15:11:58 ----D---- C:\Programme\Sony
2009-06-22 15:09:10 ----D---- C:\Programme\Gemeinsame Dateien\Apple
2009-06-22 15:09:08 ----D---- C:\Programme\QuickTime
2009-06-22 15:09:07 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer
2009-06-22 15:08:57 ----D---- C:\Programme\Apple Software Update
2009-06-22 15:08:57 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple
2009-06-22 15:08:22 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-06-22 15:08:00 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-06-22 15:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2009-06-22 15:05:58 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\Sony

der_gizmo 18.07.2009 17:07
Log, Teil II:
Code:

======List of files/folders modified in the last 1 months======

2009-07-18 18:03:37 ----RD---- C:\Programme
2009-07-18 18:03:27 ----D---- C:\WINDOWS\Prefetch
2009-07-18 18:03:27 ----D---- C:\Programme\Vuze
2009-07-18 17:52:18 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\Winamp
2009-07-18 12:36:18 ----D---- C:\WINDOWS\system32\drivers
2009-07-18 12:36:14 ----D---- C:\WINDOWS
2009-07-18 07:54:32 ----D---- C:\Programme\Mozilla Firefox
2009-07-18 07:53:33 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-18 01:09:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-17 22:43:40 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\temp
2009-07-17 22:42:18 ----D---- C:\WINDOWS\system32
2009-07-17 22:39:47 ----HD---- C:\WINDOWS\inf
2009-07-17 22:36:09 ----SHD---- C:\WINDOWS\Installer
2009-07-17 22:36:02 ----D---- C:\Programme\Gemeinsame Dateien
2009-07-17 22:29:12 ----D---- C:\Programme\PartyGaming
2009-07-17 18:10:30 ----SHD---- C:\System Volume Information
2009-07-17 18:10:30 ----D---- C:\WINDOWS\system32\Restore
2009-07-17 09:58:51 ----A---- C:\WINDOWS\system.ini
2009-07-17 09:50:44 ----D---- C:\WINDOWS\AppPatch
2009-07-16 19:38:29 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft
2009-07-16 15:52:56 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\FrostWire
2009-07-16 01:34:42 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-16 01:34:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-16 01:33:24 ----D---- C:\WINDOWS\Debug
2009-07-16 00:51:18 ----RASH---- C:\boot.ini
2009-07-15 23:59:29 ----SD---- C:\WINDOWS\Tasks
2009-07-14 23:01:21 ----A---- C:\WINDOWS\win.ini
2009-07-14 22:06:57 ----D---- C:\Programme\Warcraft III
2009-07-14 20:23:18 ----D---- C:\WINDOWS\Help
2009-07-14 20:22:39 ----RSD---- C:\WINDOWS\Fonts
2009-07-14 20:21:11 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\Azureus
2009-07-10 22:57:54 ----SD---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\Microsoft
2009-07-10 20:46:55 ----D---- C:\WINDOWS\system32\DirectX
2009-07-10 20:10:54 ----D---- C:\Programme\Microsoft Games
2009-07-10 16:06:56 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\Skype
2009-07-10 16:01:01 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\skypePM
2009-07-07 19:11:49 ----D---- C:\WINDOWS\WinSxS
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-06 22:54:36 ----D---- C:\Dokumente und Einstellungen\kwam\Anwendungsdaten\Adobe
2009-07-02 21:16:14 ----D---- C:\Programme\Gemeinsame Dateien\DVDVideoSoft
2009-07-02 21:16:10 ----D---- C:\Programme\DVDVideoSoft
2009-06-24 00:06:25 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-22 15:28:08 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
2009-06-22 15:22:02 ----HD---- C:\Programme\InstallShield Installation Information
2009-06-22 15:22:02 ----D---- C:\Programme\Sony Ericsson
2009-06-22 15:09:29 ----D---- C:\Programme\Internet Explorer
2009-06-22 15:08:28 ----D---- C:\Programme\Windows Media Player
2009-06-22 15:08:08 ----D---- C:\WINDOWS\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-07-08 96104]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-08 28520]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-08 55640]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2005-08-07 501760]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2005-08-07 439424]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2005-08-07 7168]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2005-08-07 142848]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-04-03 199168]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2005-08-07 77824]
R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2005-08-07 1093632]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-05-13 3918176]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2005-08-07 114688]
R3 RT61;D-Link Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2005-06-04 319104]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 ab7p2ig4;ab7p2ig4; C:\WINDOWS\system32\drivers\ab7p2ig4.sys []
S3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 catchme;catchme; \??\C:\DOKUME~1\kwam\LOKALE~1\Temp\catchme.sys []
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-07-13 340704]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-01-29 25280]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-04 4271616]
S3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2008-11-04 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2008-11-04 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2008-11-04 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2008-11-04 108328]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2008-11-04 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2008-11-04 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2008-11-04 109736]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-07-08 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-07-08 185089]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-12 44032]
R2 CSIScanner;CSIScanner; C:\Programme\Prevx\prevx.exe [2009-07-18 4368952]
R2 ICQ Service;ICQ Service; C:\Programme\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 NMSAccessU;NMSAccessU; C:\Programme\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-05-13 155715]
R2 OTi Card Reader Service;OTi Card Reader Service; C:\Programme\CardReader2.0\OTiReader.exe [2004-07-26 139369]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ANIWZCSdService;ANIWZCSd Service; C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2004-10-22 49152]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.20506\aspnet_state.exe [2009-05-06 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 clr_optimization_v4.0.20506_32;.NET Runtime Optimization Service v4.0.20506_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.20506\mscorsvw.exe [2009-05-06 104272]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Programme\MAGIX\Common\Database\bin\fbserver.exe []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-05 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

der_gizmo 18.07.2009 17:08
Info, Teil I.a:

Code:
info.txt logfile of random's system information tool 1.06 2009-07-18 18:01:28

======Uninstall list======

-->"C:\Programme\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W /L:GER
-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x7  /remove
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x7  /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->msiexec /qb /x {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
Acrobat.com-->MsiExec.exe /I{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}
Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
Adobe AIR-->c:\Programme\Gemeinsame Dateien\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Asset Services CS4-->MsiExec.exe /I{B9F4561A-924D-4510-A85A-BB0960C338CB}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe Contribute CS4-->MsiExec.exe /I{A6EC82A0-1414-475D-8AFD-469089F3080D}
Adobe Creative Suite 4 Master Collection-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02\Setup.exe --uninstall=1
Adobe Creative Suite 4 Master Collection-->MsiExec.exe /I{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}
Adobe CS4 American English Speech Analysis Models-->MsiExec.exe /I{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9}
Adobe Encore CS4-->MsiExec.exe /I{5EAD5443-7194-46CC-A055-428E6ABB1BAF}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Fireworks CS4-->MsiExec.exe /I{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}
Adobe Flash CS4 Extension - Flash Lite STI en-->MsiExec.exe /I{793D1D88-6141-43DE-BE58-59BCE31B4090}
Adobe Flash CS4 STI-en-->MsiExec.exe /I{2168245A-B5AD-40D8-A641-48E3E070B5B6}
Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{2BAF2B96-7560-48B4-87D4-10178DDBE217}
Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}
Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}
Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
Adobe Media Encoder CS4 Dolby-->MsiExec.exe /I{EE353798-E875-42E0-B58D-7E6696182EA8}
Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}
Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
Adobe OnLocation CS4-->MsiExec.exe /I{7406DF60-016D-476B-A2C7-55D997592047}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Premiere Pro CS4 Functional Content-->MsiExec.exe /I{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}
Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{C938BE91-3BB5-4B84-9EF6-88F0505D0038}
Adobe Premiere Pro CS4-->MsiExec.exe /I{D499F8DE-3F31-4900-9157-61061613704B}
Adobe Reader 9.1 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A91000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}
Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}
Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8}
Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D}
Adobe Soundbooth CS4-->MsiExec.exe /I{14F70205-1940-4000-88C7-BE799A6B2CAD}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe Version Cue CS4 Server-->MsiExec.exe /I{1B7C06E1-4888-47A6-992A-0990B9683486}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
Adobe® Photoshop® Album Starter Edition 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:35 Uhr.
Seite 4 von 6 « Erste 23 4 56
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131