IE Explorer keeps opening new pages and windows

#0
07.07.2008, 17:42
Honorary member
Sabina

Posts: 29434
#31 it has recreated itself again: ;)
C:\WINDOWS\system32\mFYnccsN.exe

Avenger

Quote

Files to delete:
C:\WINDOWS\system32\mtp8Iqyj.exe
C:\WINDOWS\system32\mFYnccsN.exe
C:\WINDOWS\system32\mFYnccsN.exe__
C:\WINDOWS\system32\mFYnccsN.exe_
Folders to delete:
C:\Programme\EleFun Desktops
C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\elefundesktops

__________
Best regards, Sabina

all about PC security
07.07.2008, 18:02
...new here

Posts: 10
#32 Folders deleted
There was only one file left, C:\WINDOWS\system32\mFYnccsN.exe

and I deleted that one too

Regards
\gue
07.07.2008, 18:03
Honorary member
Sabina

Posts: 29434
#33 then
Remove ComboFix
Start - Run - paste in: Combofix /U
- click "OK"

download ComboFix again + post the report
http://virus-protect.org/artikel/tools/combofix.html
__________
Best regards, Sabina

all about PC security
07.07.2008, 18:13
...new here

Posts: 10
#34 everything seems to be gone
none of the above-mentioned are there after the reboot
no more popups
but the handles go up to 16000
Threads 754
07.07.2008, 18:18
Honorary member
Sabina

Posts: 29434
#35 OK, then let's turn to the handles.
What is that ;)

post the 2 logs from comboscan here
http://virus-protect.org/artikel/tools/comboscan.html
__________
Best regards, Sabina

all about PC security
07.07.2008, 18:30
...new here

Posts: 10
#36 '###############################################################'


MAIN.TXT

Deckard's System Scanner v20071014.68
Run by InodeGue on 2008-07-07 18:29:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Failed to create restore point; System Restore is disabled (service is not running).


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as InodeGue.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:30:33, on 07.07.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programme\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Programme\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Programme\Creative\Shared Files\Module Loader\DLLML.exe
C:\Programme\DU Meter\DUMeter.exe
C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Windows Live\Messenger\MsnMsgr.Exe
C:\Programme\Creative\MediaSource5\Go\CTCMSGoU.exe
C:\Programme\QIP 2005 psYNovA-Edition\qip.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programme\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Programme\Trend Micro\Internet Security\SfCtlCom.exe
C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Trend Micro\BM\TMBMSRV.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Programme\Trend Micro\Internet Security\TmProxy.exe
C:\Programme\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Dokumente und Einstellungen\InodeGue\Desktop\dss.exe
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\InodeGue.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/ig?hl=de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://powerc102.toptip.nu/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Programme\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VolPanel] "C:\Programme\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Programme\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Programme\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DU Meter] C:\Programme\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Programme\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Programme\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [QIP2005] C:\Programme\QIP 2005 psYNovA-Edition\qip.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programme\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: An vorhandenes PDF anfügen - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1213705816133
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1213712912859
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB66} (Flatcast Producer 5.0) - http://data.flatcast.com/data/objects/NpFp501.dll
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) - http://data.flatcast.com/data/objects/NpFv501.dll
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{668FF12A-FDD5-4B77-AB00-1CEF3DA59FFB}: NameServer = 195.58.160.194,195.58.161.122
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Programme\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Zentrale Steuerkomponente (SfCtlCom) - Trend Micro Inc. - C:\Programme\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Programme\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Programme\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 11077 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 MarxDev1 - c:\windows\system32\drivers\marxdev1.sys
R2 MarxDev2 - c:\windows\system32\drivers\marxdev2.sys
R2 MarxDev3 - c:\windows\system32\drivers\marxdev3.sys
R3 MMRTKRNL - c:\windows\system32\drivers\mmrtkrnl.sys <Not Verified; ALCATech GmbH; ALCATech Realtime Audio Kernel>

S3 GMSIPCI - m:\install\gmsipci.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe <Not Verified; Prolific Technology Inc.; IoctlSvc Application>

S2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - c:\programme\bonjour\mdnsresponder.exe (file missing)
S3 FLEXnet Licensing Service - "c:\programme\gemeinsame dateien\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S4 Nero BackItUp Scheduler 3 - c:\programme\nero\nero8\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: PS/2 Keyboard
Device ID: ACPI\PNP0303\4&2B0A5BEB&0
Manufacturer: Logitech
Name: PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&2B0A5BEB&0
Service: i8042prt

Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F03\4&2B0A5BEB&0
Manufacturer: Logitech
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F03\4&2B0A5BEB&0
Service: i8042prt

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NVIDIA nForce Networking Controller
Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&210CEC41&0&00
Manufacturer: NVIDIA
Name: NVIDIA nForce Networking Controller #2
PNP Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV0373\4&210CEC41&0&00
Service: NVENETFD

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA


-- Files created between 2008-06-07 and 2008-07-07 -----------------------------

2008-07-07 16:38:51 0 d-------- C:\WINDOWS\system32\appmgmt
2008-07-07 11:46:34 0 d-------- C:\Programme\CCleaner
2008-07-07 10:20:18 175616 --a------ C:\WINDOWS\system32\strings.exe
2008-07-07 10:20:18 16384 --a------ C:\WINDOWS\system32\restart.exe <Not Verified; WareSoft Software; restart>
2008-07-07 10:20:18 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-07-07 10:20:18 39184 --a------ C:\WINDOWS\system32\Ntrights.exe
2008-07-07 10:20:18 11254 --a------ C:\WINDOWS\system32\locate.com
2008-07-05 12:08:06 0 d-------- C:\Programme\DAEMON Tools
2008-07-02 17:05:57 48128 --a------ C:\WINDOWS\system32\WNASPI32.DLL <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-07-02 17:05:57 47104 --a------ C:\WINDOWS\system32\TDXMW32.DLL <Not Verified; TechnoData GmbH; >
2008-07-02 17:05:57 8012 --a------ C:\WINDOWS\system32\drivers\TDLPT.SYS <Not Verified; Sven Goers Software; Lpt-Driver>
2008-07-02 17:05:57 8864 --a------ C:\WINDOWS\system32\drivers\MARXDEV3.SYS
2008-07-02 17:05:57 8864 --a------ C:\WINDOWS\system32\drivers\MARXDEV2.SYS
2008-07-02 17:05:57 8864 --a------ C:\WINDOWS\system32\drivers\MARXDEV1.SYS
2008-07-02 17:05:57 28448 --a------ C:\WINDOWS\system32\drivers\CBUSB.SYS <Not Verified; Marx Software Security AG; MARX(c) USB crypToken>
2008-07-02 17:05:57 23936 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-07-02 17:05:57 4672 --a------ C:\WINDOWS\system\WOWPOST.EXE <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-07-02 17:05:54 32960 --a------ C:\WINDOWS\system32\drivers\mmrtkrnl.sys <Not Verified; ALCATech GmbH; ALCATech Realtime Audio Kernel>
2008-07-02 17:04:25 299520 --a------ C:\WINDOWS\uninst.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield unInstaller>
2008-07-02 11:02:48 0 d-------- C:\Programme\TuneUp Utilities 2008
2008-07-02 10:44:23 0 d-------- C:\Programme\MSXML 4.0
2008-07-02 10:43:23 0 d-------- C:\WINDOWS\system32\LogFiles
2008-06-30 20:51:05 0 d-------- C:\Programme\Windows Live Safety Center
2008-06-23 20:47:03 0 d-------- C:\Programme\Lavalys
2008-06-23 14:40:40 0 d-------- C:\Programme\Skype
2008-06-21 20:54:32 0 d-------- C:\Programme\eMule
2008-06-20 14:57:04 0 d-------- C:\Programme\Nero
2008-06-20 14:57:04 0 d-------- C:\Programme\Gemeinsame Dateien\Nero
2008-06-19 15:17:17 0 d-------- C:\Programme\Java
2008-06-19 15:16:57 0 d-------- C:\Programme\Gemeinsame Dateien\Java
2008-06-18 22:58:25 0 d-------- C:\WINDOWS\system32\NtmsData
2008-06-18 19:40:57 0 d-------- C:\Programme\VirtualDJ
2008-06-18 18:13:05 0 d-------- C:\Programme\Windows Media Connect 2
2008-06-18 18:11:39 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-18 14:49:04 0 d-------- C:\Programme\Microsoft Virtual PC
2008-06-18 06:22:19 0 d-------- C:\WINDOWS\pss
2008-06-17 19:26:55 0 d-------- C:\Programme\Gemeinsame Dateien\Logishrd
2008-06-17 19:18:46 0 d-------- C:\Programme\Logitech
2008-06-17 18:09:58 685816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-06-17 18:09:39 0 d-------- C:\Programme\Bonjour
2008-06-17 18:05:11 0 d-------- C:\Programme\Gemeinsame Dateien\Macrovision Shared
2008-06-17 18:03:41 0 d-------- C:\Programme\Gemeinsame Dateien\Adobe
2008-06-17 17:33:27 0 d-------- C:\Programme\Microsoft CAPICOM 2.1.0.2
2008-06-17 16:59:23 0 d-------- C:\WINDOWS\Prefetch
2008-06-17 16:54:37 0 d-------- C:\WINDOWS\system32\de
2008-06-17 16:54:37 0 d-------- C:\WINDOWS\l2schemas
2008-06-17 16:54:36 0 d-------- C:\WINDOWS\system32\bits
2008-06-17 16:52:45 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-17 16:51:29 0 d-------- C:\WINDOWS\network diagnostic
2008-06-17 15:49:58 0 d-------- C:\WebCam
2008-06-17 15:45:04 25088 -----n--- C:\WINDOWS\system32\CTSVCCTL.EXE <Not Verified; Creative Technology Ltd; Creative Service Control>
2008-06-17 15:45:04 44032 -----n--- C:\WINDOWS\system32\CTSVCCDA.EXE <Not Verified; Creative Technology Ltd; Creative Service for CDROM Access>
2008-06-17 15:28:34 0 d-------- C:\Programme\Messenger Plus! Live
2008-06-17 15:07:23 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-17 15:05:27 0 d-------- C:\Programme\Gemeinsame Dateien\Deterministic Networks
2008-06-17 15:03:17 0 d--hs--c- C:\Programme\Gemeinsame Dateien\WindowsLiveInstaller
2008-06-17 15:03:00 0 d-------- C:\Programme\Windows Live
2008-06-17 14:52:09 0 d-------- C:\WINDOWS\Internet Logs
2008-06-17 14:49:57 0 d-------- C:\WINDOWS\system32\PreInstall
2008-06-17 14:49:39 0 d-------- C:\Programme\Cisco Systems
2008-06-17 14:42:42 41984 -----n--- C:\WINDOWS\Ctregrun.exe <Not Verified; Creative Technology Ltd; Creative On-line Registration System>
2008-06-17 14:41:12 0 d-------- C:\Programme\Gemeinsame Dateien\Creative
2008-06-17 14:41:11 0 d--h----- C:\Programme\Creative Installation Information
2008-06-17 14:38:17 409600 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2008-06-17 14:38:17 86016 --a------ C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
2008-06-17 14:37:02 0 d-------- C:\WINDOWS\system32\Data
2008-06-17 14:37:02 3072 --a------ C:\WINDOWS\CTXFIGER.DLL <Not Verified; ; CTxfiRes Dynamic Link Library>
2008-06-17 14:37:02 11264 --a------ C:\WINDOWS\CTDCRGER.DLL <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-06-17 14:36:10 0 d-------- C:\Programme\QIP 2005 psYNovA-Edition
2008-06-17 14:32:31 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-06-17 14:31:32 0 d-------- C:\Programme\Creative
2008-06-17 14:30:59 0 d--h----- C:\Programme\InstallShield Installation Information
2008-06-17 14:30:04 0 d-------- C:\WINDOWS
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\WinSxS
2008-06-17 14:30:04 0 dr------- C:\WINDOWS\Web
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\twain_32
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\wins
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\wbem
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\usmt
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\spool
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\ShellExt
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\Setup
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\ras
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\oobe
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\npp
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\mui
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\inetsrv
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\IME
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\icsxml
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\ias
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\export
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\drivers
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-06-17 14:30:04 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\dhcp
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\config
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\3076
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\2052
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\1054
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\1042
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\1041
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\1037
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\1033
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\1031
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\1028
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system32\1025
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\system
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\security
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\Resources
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\repair
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\Provisioning
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\PeerNet
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\pchealth
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\mui
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\msapps
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\msagent
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\Media
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\java
2008-06-17 14:30:04 0 d--h----- C:\WINDOWS\inf
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\ime
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\Help
2008-06-17 14:30:04 0 dr--s---- C:\WINDOWS\Fonts
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\ehome
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\Driver Cache
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\Debug
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\Cursors
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\Connection Wizard
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\Config
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\AppPatch
2008-06-17 14:30:04 0 d-------- C:\WINDOWS\addins
2008-06-17 14:16:17 0 d-------- C:\Programme\Windows Desktop Search
2008-06-17 14:16:14 0 d-------- C:\WINDOWS\system32\de-DE
2008-06-17 14:15:04 0 d--h----- C:\WINDOWS\$hf_mig$
2008-06-17 14:13:11 0 d-------- C:\Programme\Gemeinsame Dateien\Sonic Shared
2008-06-17 14:11:48 0 d-------- C:\Programme\Gemeinsame Dateien\HP
2008-06-17 14:09:13 0 d-------- C:\Programme\Hewlett-Packard
2008-06-17 14:07:11 0 d-------- C:\WINDOWS\system32\URTTemp
2008-06-17 14:05:30 0 d-------- C:\Programme\Gemeinsame Dateien\Hewlett-Packard
2008-06-17 14:04:44 0 d-------- C:\WINDOWS\nview
2008-06-17 14:01:36 0 d-------- C:\Programme\Trend Micro
2008-06-17 14:01:32 0 d-------- C:\NVIDIA
2008-06-17 14:00:27 57344 --a------ C:\WINDOWS\system32\HPZisn12.dll <Not Verified; HP; HP SNMP Windows>
2008-06-17 14:00:27 94208 --a------ C:\WINDOWS\system32\HPZipt12.dll <Not Verified; HP; HP SNMP Windows>
2008-06-17 14:00:27 204800 --a------ C:\WINDOWS\system32\HPZipr12.dll <Not Verified; HP; HP PmlRtl>
2008-06-17 14:00:27 73728 --a------ C:\WINDOWS\system32\HPZipm12.exe <Not Verified; HP; HP PML>
2008-06-17 14:00:27 61440 --a------ C:\WINDOWS\system32\HPZinw12.exe <Not Verified; HP; HP Dot4Net Windows>
2008-06-17 14:00:27 278584 --a------ C:\WINDOWS\system32\HPZidr12.dll <Not Verified; HP; HP Dot4Rtl>
2008-06-17 14:00:27 0 d-------- C:\Program Files
2008-06-17 14:00:23 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-06-17 13:58:50 0 d-------- C:\Programme\HP
2008-06-17 13:57:10 21124 -----n--- C:\WINDOWS\hpomdl07.dat
2008-06-17 13:57:10 113129 --a------ C:\WINDOWS\hpoins07.dat
2008-06-17 13:55:06 0 d-------- C:\WINDOWS\NV18202016.TMP
2008-06-17 13:54:44 0 d-------- C:\Programme\Gemeinsame Dateien\InstallShield
2008-06-17 13:54:36 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-06-17 13:36:43 0 d--hs---- C:\WINDOWS\Installer
2008-06-17 13:36:42 0 d-------- C:\Programme\Gemeinsame Dateien\ODBC
2008-06-17 13:36:40 0 d-------- C:\Programme\Gemeinsame Dateien\SpeechEngines
2008-06-17 13:36:39 0 dr------- C:\Programme
2008-06-17 13:36:39 0 d-------- C:\Programme\Gemeinsame Dateien
2008-06-17 13:36:12 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-06-17 13:36:12 0 d-------- C:\WINDOWS\system32\CatRoot
2008-06-17 13:35:44 0 d--hs---- C:\System Volume Information
2008-06-17 13:35:44 0 d-------- C:\Dokumente und Einstellungen
2008-06-17 13:29:15 0 d-------- C:\Programme\Microsoft Works
2008-06-17 13:29:07 0 d-------- C:\Programme\MSBuild
2008-06-17 13:26:22 0 d-------- C:\WINDOWS\SHELLNEW
2008-06-17 13:26:00 0 dr-h----- C:\MSOCache
2008-06-17 13:22:12 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-06-17 13:22:10 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-06-17 12:48:36 0 d-------- C:\WINDOWS\system32\xircom
2008-06-17 12:48:36 0 d-------- C:\Programme\microsoft frontpage
2008-06-17 12:48:23 0 -rahs---- C:\MSDOS.SYS
2008-06-17 12:48:23 0 -rahs---- C:\IO.SYS
2008-06-17 12:48:23 0 --a------ C:\CONFIG.SYS
2008-06-17 12:48:23 0 --a------ C:\AUTOEXEC.BAT
2008-06-17 12:47:34 0 dr------- C:\WINDOWS\Offline Web Pages
2008-06-17 12:47:34 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-06-17 12:47:26 0 d--h----- C:\Programme\WindowsUpdate
2008-06-17 12:47:23 0 d-------- C:\Programme\Online-Dienste
2008-06-17 12:47:13 0 d-------- C:\WINDOWS\system32\DirectX
2008-06-17 12:46:54 0 d-------- C:\Programme\Gemeinsame Dateien\Dienste
2008-06-17 12:46:53 0 d---s---- C:\WINDOWS\Tasks
2008-06-17 12:46:52 0 d-------- C:\Programme\Gemeinsame Dateien\MSSoap
2008-06-17 12:46:50 0 d-------- C:\WINDOWS\srchasst
2008-06-17 12:46:49 0 d-------- C:\WINDOWS\system32\Macromed
2008-06-17 12:46:45 0 d-------- C:\Programme\Movie Maker
2008-06-17 12:46:40 0 d-------- C:\WINDOWS\system32\Restore
2008-06-17 12:46:12 21740 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-06-17 12:45:58 0 d-------- C:\WINDOWS\Registration
2008-06-17 12:45:52 0 d-------- C:\Programme\Online Services
2008-06-17 12:45:46 0 d-------- C:\Programme\Messenger
2008-06-17 12:45:44 0 d-------- C:\Programme\MSN Gaming Zone
2008-06-17 12:45:21 0 d-------- C:\Programme\Windows NT
2008-06-17 12:45:20 0 d-------- C:\WINDOWS\system32\MsDtc
2008-06-17 12:45:18 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2008-07-02 11:03:11 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\TuneUp Software
2008-07-02 10:41:04 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\Skype
2008-06-22 11:33:50 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\eMule
2008-06-20 14:58:45 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\Nero
2008-06-19 15:17:55 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\Sun
2008-06-18 14:50:33 420998 --a------ C:\WINDOWS\system32\perfh007.dat
2008-06-18 14:50:33 75112 --a------ C:\WINDOWS\system32\perfc007.dat
2008-06-18 06:42:03 96421 --a------ C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\PatchUpdate_HP_CounterReport_Update_HPSU.log
2008-06-18 06:40:55 2115 --a------ C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\HPSU_48BitScanUpdate.log
2008-06-18 06:37:15 359 --a------ C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\HelpFilesUpdatePatch_PRINTHELPWRAPPER.log
2008-06-18 06:37:13 0 --a------ C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\HelpFilesUpdatePatch_HELPFILEREPLACE.log
2008-06-18 06:37:00 3188 --a------ C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\PatchUpdate_InstantShareJPG.log
2008-06-18 06:36:49 3998 --a------ C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\PatchUpdate_IZClosingDiscError.log
2008-06-18 06:35:48 524461 --a------ C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\Update_HP_RedboxHprblog_HPSU.log
2008-06-17 19:28:04 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\Logitech
2008-06-17 19:26:54 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\InstallShield
2008-06-17 18:43:17 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\Adobe
2008-06-17 18:04:20 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\WinRAR
2008-06-17 16:46:24 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\Macromedia
2008-06-17 16:35:54 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\Creative
2008-06-17 14:22:46 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\Windows Desktop Search
2008-06-17 13:56:57 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\HP
2008-06-17 13:36:21 62 --ahs---- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\desktop.ini
2008-06-17 13:22:54 0 d-------- C:\Dokumente und Einstellungen\InodeGue\Anwendungsdaten\Identities


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe" [24.08.2007 07:00]
"UfSeAgnt.exe"="C:\Programme\Trend Micro\Internet Security\UfSeAgnt.exe" [07.03.2008 04:47]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05.12.2007 01:41]
"VolPanel"="C:\Programme\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [13.07.2006 14:11]
"AudioDrvEmulator"="C:\Programme\Creative\Shared Files\Module Loader\DLLML.exe" [04.11.2005 18:07]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [11.05.2000 01:00]
"DU Meter"="C:\Programme\DU Meter\DUMeter.exe" [01.02.2005 19:28]
"Launch LCDMon"="C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [13.12.2007 17:43]
"Launch LGDCore"="C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [13.12.2007 17:57]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [29.02.2008 03:12 C:\WINDOWS\KHALMNPR.Exe]
"CTxfiHlp"="CTXFIHLP.EXE" [24.05.2006 06:20 C:\WINDOWS\system32\CTXFIHLP.EXE]
"CTHelper"="CTHELPER.EXE" [24.05.2006 06:20 C:\WINDOWS\CTHELPER.EXE]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [05.12.2007 01:41]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [14.04.2008 04:22]
"MsnMsgr"="C:\Programme\Windows Live\Messenger\MsnMsgr.exe" [18.10.2007 11:34]
"Creative MediaSource Go"="C:\Programme\Creative\MediaSource5\Go\CTCMSGoU.exe" [09.11.2006 10:19]
"Creative WebCam Tray"="C:\Programme\Creative\Shared Files\CamTray.exe" [27.10.2005 18:00]
"QIP2005"="C:\Programme\QIP 2005 psYNovA-Edition\qip.exe" [01.07.2008 18:34]
"DAEMON Tools"="C:\Programme\DAEMON Tools\daemon.exe" [18.09.2007 16:16]

C:\Dokumente und Einstellungen\All Users\Startmen\Programme\Autostart\
Adobe Reader Synchronizer.lnk - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [23.10.2006 00:01:50]
HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe [11.05.2005 23:23:26]
HP Image Zone Schnellstart.lnk - C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe [12.05.2005 00:49:24]
Logitech SetPoint.lnk - C:\Programme\Logitech\SetPoint\SetPoint.exe [17.06.2008 19:27:04]
VPN Client.lnk - C:\WINDOWS\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico [17.06.2008 15:05:47]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll [05.02.2007 15:39 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll 02.05.2008 02:42 72208 c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Acrobat - Schnellstart.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk
backup=C:\WINDOWS\pss\Adobe Acrobat - Schnellstart.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Windows-Desktopsuche.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows-Desktopsuche.lnk
backup=C:\WINDOWS\pss\Windows-Desktopsuche.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
"C:\Programme\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Programme\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
"C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{96d9a336-3c68-11dd-9511-806d6172696f}]
AutoRun\command- M:\Ctrun\Start.exe




-- Hosts -----------------------------------------------------------------------

127.0.0.1 007guard.com

8624 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-07-07 18:32:17 ------------

EXTRA.TXT


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 3.0
Architecture: X86; Language: German

CPU 0: AMD Athlon(tm) 64 X2 Dual Core Processor 5600+
Percentage of Memory in Use: 24%
Physical Memory (total/avail): 3071.36 MiB / 2325.72 MiB
Pagefile Memory (total/avail): 6990.75 MiB / 6415.91 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1902.47 MiB

C: is Fixed (NTFS) - 186.31 GiB total, 129.32 GiB free.
D: is Fixed (NTFS) - 136.71 GiB total, 54.03 GiB free.
E: is Fixed (NTFS) - 298.09 GiB total, 294.03 GiB free.
F: is Fixed (NTFS) - 153.38 GiB total, 92.61 GiB free.
G: is Fixed (NTFS) - 465.76 GiB total, 210.66 GiB free.
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
K: is Removable (No Media)
L: is Fixed (NTFS) - 142.76 GiB total, 52.82 GiB free.
M: is CDROM (No Media)
O: is CDROM (CDFS)

\\.\PHYSICALDRIVE1 - Maxtor 6L300S0 - 279.47 GiB - 2 partitions
\PARTITION0 (bootable) - Installierbares Dateisystem - 136.71 GiB - D:
\PARTITION1 - Installierbares Dateisystem - 142.76 GiB - L:

\\.\PHYSICALDRIVE0 - ST3320620AS - 298.09 GiB - 1 partition
\PARTITION0 (bootable) - Installierbares Dateisystem - 298.09 GiB - E:

\\.\PHYSICALDRIVE2 - WDC WD2000JD-00HBB0 - 186.31 GiB - 1 partition
\PARTITION0 - Installierbares Dateisystem - 186.31 GiB - C:

\\.\PHYSICALDRIVE6 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE8 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE5 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE7 - Generic USB SM Reader USB Device

\\.\PHYSICALDRIVE4 - HDS72251 6VLAT20 USB Device - 153.38 GiB - 1 partition
\PARTITION0 (bootable) - Installierbares Dateisystem - 153.38 GiB - F:

\\.\PHYSICALDRIVE3 - Maxtor OneTouch USB Device - 465.76 GiB - 1 partition
\PARTITION0 (bootable) - Installierbares Dateisystem - 465.76 GiB - G:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.


-- User Profiles ---------------------------------------------------------------

InodeGue (admin)
L2MFIX (new local, admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Programme\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /nolog/l0x0007
--> "C:\Programme\Creative Installation Information\CTCMSGO\Setup.exe" /remove /nolog/l0x0007
--> "C:\Programme\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /nolog/l0x0007
--> "C:\Programme\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /nolog/l0x0007
--> "C:\Programme\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /nolog/l0x0007
--> "C:\Programme\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /nolog/l0x0007
--> "C:\Programme\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /nolog/l0x0007
--> "C:\Programme\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W /L:GER
--> C:\Programme\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x7 /remove
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x7 /remove
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x7 /remove
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x7 /remove
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x7 /remove
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x7 /remove
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x7 /remove
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x7 /remove
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x7 /remove
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E5ABA5FD-EE3D-4F15-895D-B32321E6C96B}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x7 /remove
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x7 /remove
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x7
--> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x7 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {58FC5E37-DD28-4D4A-A549-125744C6763C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {888B9AC7-8F5C-456B-A27A-157A6C310E52}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Adobe Acrobat 8 Professional - English, Français, Deutsch --> msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings --> MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings --> MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3 --> C:\Programme\Gemeinsame Dateien\Adobe\Installers\5f143314a5d434c8511097393d17397\Setup.exe
Adobe Photoshop CS3 --> MsiExec.exe /I{29F05234-DCBB-4FE0-88DC-5160C9250312}
Adobe Setup --> MsiExec.exe /I{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
CCleaner (remove only) --> "C:\Programme\CCleaner\uninst.exe"
CDDRV_Installer --> MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Cisco Systems VPN Client 5.0.00.0340 --> MsiExec.exe /X{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}
Creative-Systeminformationen --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x7 /remove
Creative MediaSource 5 --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x7 /remove
Creative Software AutoUpdate --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x7 /remove
Creative WebCam Center --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E5ABA5FD-EE3D-4F15-895D-B32321E6C96B}\setup.exe" -l0x9 /remove
Creative WebCam Live! Pro/Effects Driver (1.02.05.0506) --> C:\WINDOWS\CtDrvIns.exe -uninstall -script VF0080.uns -unsext NT -plugin V0080Pin.dll -pluginres CtCamPin.crl
DU Meter --> "C:\Programme\DU Meter\unins000.exe"
eMule --> "C:\Programme\eMule\Uninstall.exe"
EVEREST Ultimate Edition v4.00 --> "C:\Programme\Lavalys\EVEREST Ultimate Edition\unins000.exe"
HijackThis 2.0.2 --> "C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Document Viewer 5.3 --> C:\Programme\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Extended Capabilities 5.3 --> C:\Programme\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Image Zone 5.3 --> C:\Programme\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Imaging Device Functions 5.3 --> C:\Programme\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP PSC & OfficeJet 5.3.B --> "C:\Programme\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center & Imaging Support Tools 5.3 --> C:\Programme\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
KhalInstallWrapper --> MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Logitech GamePanel Software 2.02 --> MsiExec.exe /X{0523EAF4-402C-4435-A0DA-13C40193D811}
Logitech SetPoint --> C:\Programme\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x0007 -removeonly
Messenger Plus! Live --> "C:\Programme\Messenger Plus! Live\Uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Access MUI (German) 2007 --> MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007 --> MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007 --> MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007 --> MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office OneNote MUI (German) 2007 --> MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007 --> MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007 --> MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007 --> MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007 --> MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007 --> MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007 --> MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007 --> MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Virtual PC 2007 --> MsiExec.exe /X{8A7CAA24-7B23-410B-A7C3-F994B0944160}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSN --> C:\Programme\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 6.0 Parser (KB927977) --> MsiExec.exe /I{5A710547-B58E-488B-828D-CA9A25A0533C}
Nero 8 --> MsiExec.exe /X{3C5F1B30-B10B-4579-86DD-D00F662E1031}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
QIP 2005 psYNovA-Edition --> "C:\Programme\QIP 2005 psYNovA-Edition\unins000.exe"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Outlook 2007 (KB946983) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Sicherheitsupdate für Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Skype™ 3.8 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sound Blaster X-Fi --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}\SETUP.EXE" -l0x7 /remove
Trend Micro Internet Security --> MsiExec.exe /X{A621B45A-D138-4A95-BE10-7CABA05EF94E}
Update für Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update for Office 2007 (KB946691) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb950378) --> msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F6296086-AED5-4EC0-938B-08EA0254F20E}
Virtual DJ Home Edition - Atomix Productions --> C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Windows-Desktopsuche 3.01 --> "C:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe"
Windows Live Anmelde-Assistent --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live installer --> MsiExec.exe /X{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}
Windows Live Messenger --> MsiExec.exe /X{2B091530-69AA-442E-AB09-39ED06B58220}
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Programme\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR --> C:\Programme\WinRAR\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type1683 / Success
Event Submitted/Written: 07/07/2008 06:14:43 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type1662 / Success
Event Submitted/Written: 07/07/2008 05:19:20 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type1649 / Success
Event Submitted/Written: 07/07/2008 04:57:23 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type1613 / Success
Event Submitted/Written: 07/07/2008 10:20:56 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type1601 / Error
Event Submitted/Written: 07/07/2008 09:58:28 AM
Event ID/Source: 1000 / Application Error
Event Description:
Fehlgeschlagene Anwendung FxIstbar.exe, Version 1.1.0.0, fehlgeschlagenes Modul FxIstbar.exe, Version 1.1.0.0, Fehleradresse 0x00003773.
Das medienspezifische Ereignis für [FxIstbar.exe!ws!] wird verarbeitet.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type2290 / Error
Event Submitted/Written: 07/07/2008 06:05:06 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
i8042prt

Event Record #/Type2289 / Error
Event Submitted/Written: 07/07/2008 06:05:04 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Der Dienst "##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Event Record #/Type2280 / Warning
Event Submitted/Written: 07/07/2008 06:00:18 PM
Event ID/Source: 51 / Disk
Event Description:
Bei einem Auslagerungsvorgang wurde ein Fehler festgestellt. Betroffen ist Gerät \Device\Harddisk3\D.

Event Record #/Type2246 / Error
Event Submitted/Written: 07/07/2008 05:29:57 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
i8042prt

Event Record #/Type2245 / Error
Event Submitted/Written: 07/07/2008 05:29:54 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Der Dienst "##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2



-- End of Deckard's System Scanner: finished at 2008-07-07 18:32:17 ------------


HOSTS file

127.0.0.1 localhost
# Start of entries inserted by Spybot - Search & Destroy
127.0.0.1 .007guard.
This post was edited by InodeGue-LNZ on 07.07.2008 at 18:50.
07.07.2008, 22:52
Honorary member
Sabina

Posts: 29434
#37 ««

Quote

Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
i8042prt
The i8042 Port Driver process belongs to the software i8042 Keyboard and PS/2 Mouse Port Driver or Microsoft® Windows® Operating System from Microsoft Corporation.

Check in Device Manager whether there is a yellow warning sign.

Quote

Fehlgeschlagene Anwendung FxIstbar.exe, Version 1.1.0.0, fehlgeschlagenes Modul FxIstbar.exe
Istbar Scan and Removal Tool - run it
http://securityresponse.symantec.com/avcenter/FxIstbar.exe

Quote

Bei einem Auslagerungsvorgang wurde ein Fehler festgestellt. Betroffen ist Gerät \Device\Harddisk3\D.
««
# Right-click your local disk and click "Properties" ("Eigenschaften"); now go to
# "Tools" ("Extras") and then select
# "Error-checking" ("Fehlerüberprüfung")

"Check Now" ("Jetzt prüfen") - tick "Automatically fix file system errors" (Dateisystemfehler automatisch korrigieren) and "Scan for and attempt recovery of bad sectors" (Fehlerhafte Sektoren suchen/wiederherstellen).
The check then starts after a reboot!!
__________
Best regards, Sabina

all about PC security