eaeyy.exe keeps opening popups... Google returns no results!!!

#0
09.06.2009, 09:31
...new here

Posts: 3
#1 So... I have a problem with the above-mentioned program... I googled it... and found nothing except Japanese or Chinese pages... I think it works in the background with Microsoft Internet Explorer... I know that because opening Internet Explorer takes noticeably long... I normally always work with Firefox... but when playing Counter-Strike: Source, the start screens (the pages with the clan page that the clans build in) are also tied to Microsoft Internet Explorer... that clogs up and hl2.exe suddenly uses 800 to 1000 MB of RAM... and nothing works anymore... as soon as I do "End Process Tree" on eaeyy.exe... it slowly starts working again...

I just downloaded ComboFix and wanted to run it... because it has always helped me with problems like this so far... but until now I have also always had Windows XP and not Vista... under Vista Home Premium 64-bit the program apparently does not run... I get the "Error - Win32 only" message... and the window then says "Inkompatibles Betriebssystem. Combofix läuft nur unter Windows 2000 und XP"

Who can help me, please? It is very urgent, because I use the notebook in my advertising agency and it is really sh... when I have these problems here!

Thanks in advance!

DMC





Here's a log file from random:

Quote

Logfile of random's system information tool 1.06 (written by random/random)
Run by DMC Agentur at 2009-06-09 09:40:56
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 207 GB (71%) free of 294 GB
Total RAM: 4092 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:41:00, on 09.06.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Users\DMC Agentur\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\DMC Agentur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eaeyy] "c:\users\dmc agentur\appdata\local\eaeyy.exe" eaeyy
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\STacSV64.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - c:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11100 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Klick-Wartung.job
C:\Windows\tasks\User_Feed_Synchronization-{525BE8A9-68E9-44CE-99CA-FFD0E70BFC90}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-06-06 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10 136560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-04-23 206392]
"UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"AdobeCS4ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
""= []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=c:\program files (x86)\steam\steam.exe [2009-06-05 1217784]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"eaeyy"=c:\users\dmc agentur\appdata\local\eaeyy.exe [2009-06-05 282624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-06-09 09:40:57 ----D---- C:\Program Files (x86)\trend micro
2009-06-09 09:40:56 ----D---- C:\rsit
2009-06-09 09:16:38 ----D---- C:\ComboFix
2009-06-09 09:16:38 ----A---- C:\Windows\system32\CF478.exe
2009-06-09 09:16:15 ----A---- C:\Windows\system32\CF403.exe
2009-06-09 09:16:11 ----A---- C:\Windows\system32\cmd.execf
2009-06-09 09:15:18 ----A---- C:\Windows\system32\CF197.exe
2009-06-08 22:03:48 ----D---- C:\Windows\pss
2009-06-08 21:58:29 ----D---- C:\Program Files (x86)\Microsoft WSE
2009-06-08 21:58:07 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-06-08 21:16:38 ----D---- C:\Program Files (x86)\Electronic Arts
2009-06-08 21:13:56 ----D---- C:\Program Files (x86)\CCleaner
2009-06-08 15:49:27 ----D---- C:\Program Files (x86)\Samsung
2009-06-08 15:49:24 ----D---- C:\Temp
2009-06-08 13:03:05 ----RSD---- C:\Fonts
2009-06-08 11:06:12 ----A---- C:\Windows\system32\summausb.dll
2009-06-08 11:06:11 ----D---- C:\Program Files (x86)\Summa
2009-06-08 11:01:42 ----A---- C:\Windows\system32\VBAR332.DLL
2009-06-08 11:01:42 ----A---- C:\Windows\system32\ODBCTL32.DLL
2009-06-08 11:01:40 ----D---- C:\Program Files (x86)\SummaWinplot
2009-06-08 11:01:23 ----D---- C:\Program Files (x86)\Summa Cutter Tools
2009-06-07 18:44:12 ----D---- C:\Program Files (x86)\MSXML 4.0
2009-06-06 18:41:50 ----D---- C:\Users\DMC Agentur\AppData\Roaming\vlc
2009-06-06 18:41:15 ----D---- C:\Program Files (x86)\VideoLAN
2009-06-06 17:18:34 ----D---- C:\ProgramData\Avira
2009-06-06 17:18:34 ----D---- C:\Program Files (x86)\Avira
2009-06-06 16:52:28 ----D---- C:\ProgramData\Malwarebytes
2009-06-06 16:52:28 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2009-06-06 16:49:50 ----A---- C:\Windows\system32\CF29253.exe
2009-06-06 16:49:46 ----A---- C:\Windows\system32\swsc.exe
2009-06-06 16:49:44 ----D---- C:\Qoobox
2009-06-06 16:49:43 ----A---- C:\Bug.txt
2009-06-06 09:58:11 ----D---- C:\Downloads
2009-06-06 09:55:00 ----D---- C:\Program Files (x86)\Falk
2009-06-06 09:29:37 ----A---- C:\Windows\system32\ROBOEX32.DLL
2009-06-06 09:27:38 ----A---- C:\Windows\system32\javaws.exe
2009-06-06 09:27:38 ----A---- C:\Windows\system32\javaw.exe
2009-06-06 09:27:38 ----A---- C:\Windows\system32\java.exe
2009-06-06 09:27:38 ----A---- C:\Windows\system32\deploytk.dll
2009-06-05 16:02:48 ----D---- C:\Program Files (x86)\Microsoft
2009-06-05 16:02:15 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2009-06-05 16:01:53 ----D---- C:\Program Files (x86)\Windows Live
2009-06-05 15:59:38 ----D---- C:\Program Files (x86)\Common Files\Windows Live
2009-06-05 13:47:56 ----A---- C:\Windows\system32\uxtuneup.dll
2009-06-05 13:47:56 ----A---- C:\Windows\system32\authuitu.dll
2009-06-05 13:47:46 ----D---- C:\Users\DMC Agentur\AppData\Roaming\TuneUp Software
2009-06-05 13:47:31 ----D---- C:\ProgramData\TuneUp Software
2009-06-05 13:47:31 ----D---- C:\Program Files (x86)\TuneUp Utilities 2009
2009-06-05 13:47:02 ----SHD---- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
2009-06-05 13:42:20 ----D---- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2009-06-05 13:33:57 ----D---- C:\Program Files (x86)\Common Files\Steam
2009-06-05 13:33:56 ----D---- C:\Program Files (x86)\Steam
2009-06-05 12:28:43 ----D---- C:\ProgramData\FLEXnet
2009-06-05 12:16:38 ----D---- C:\ProgramData\ALM
2009-06-05 12:13:01 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2009-06-05 12:13:00 ----D---- C:\Program Files (x86)\Common Files\Sonic Shared
2009-06-05 11:55:23 ----D---- C:\Windows\system32\spool
2009-06-05 11:55:19 ----D---- C:\Program Files (x86)\Adobe Media Player
2009-06-05 11:54:31 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2009-06-05 11:50:59 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2009-06-05 11:27:28 ----D---- C:\Users\DMC Agentur\AppData\Roaming\Corel
2009-06-05 11:24:16 ----D---- C:\ProgramData\Corel
2009-06-05 11:24:16 ----D---- C:\Program Files (x86)\Common Files\Protexis
2009-06-05 11:22:15 ----D---- C:\Program Files (x86)\Common Files\Corel
2009-06-05 11:21:37 ----D---- C:\Program Files (x86)\Corel
2009-06-05 11:16:36 ----D---- C:\Program Files (x86)\Common Files\DataDesign
2009-06-05 11:14:59 ----D---- C:\Program Files (x86)\Sybase
2009-06-05 11:10:38 ----D---- C:\Program Files (x86)\Lexware
2009-06-05 10:00:41 ----A---- C:\Windows\system32\actrpt.dll
2009-06-05 10:00:38 ----A---- C:\Windows\system32\VB5DB.DLL
2009-06-05 10:00:36 ----A---- C:\Windows\system32\msrepl35.dll
2009-06-05 10:00:35 ----A---- C:\Windows\system32\msrd2x35.dll
2009-06-05 10:00:34 ----A---- C:\Windows\system32\msjet35.dll
2009-06-05 10:00:33 ----A---- C:\Windows\system32\msjter35.dll
2009-06-05 10:00:33 ----A---- C:\Windows\system32\MSJINT35.DLL
2009-06-05 10:00:32 ----D---- C:\Program Files (x86)\Common Files\DAO
2009-06-05 09:59:17 ----D---- C:\Users\DMC Agentur\AppData\Roaming\Lexware
2009-06-05 09:58:32 ----N---- C:\Windows\LxFrame.ini
2009-06-05 09:57:30 ----A---- C:\Windows\system32\LxDbSets.dll
2009-06-05 09:56:40 ----A---- C:\Windows\ODBCINST.ini
2009-06-05 09:55:52 ----D---- C:\ProgramData\BTrieve
2009-06-05 09:55:33 ----A---- C:\Windows\system32\LxXtreme.dll
2009-06-05 09:54:21 ----D---- C:\ProgramData\Lexware
2009-06-05 09:54:09 ----D---- C:\Program Files (x86)\examotion
2009-06-05 09:54:05 ----A---- C:\Windows\system32\cdintf250.dll
2009-06-05 09:53:45 ----D---- C:\ProgramData\Adobe
2009-06-05 09:53:43 ----D---- C:\Program Files (x86)\Adobe
2009-06-05 09:53:14 ----D---- C:\Program Files (x86)\Java
2009-06-05 09:53:14 ----D---- C:\Program Files (x86)\Common Files\Java
2009-06-05 09:52:02 ----D---- C:\Program Files (x86)\Common Files\Lexware
2009-06-05 09:50:44 ----D---- C:\Users\DMC Agentur\AppData\Roaming\WinRAR
2009-06-05 09:50:00 ----D---- C:\Program Files (x86)\Common Files\Adobe
2009-06-05 09:49:36 ----D---- C:\Program Files (x86)\WinRAR
2009-06-05 09:38:26 ----D---- C:\Program Files (x86)\Microsoft Works
2009-06-05 09:38:14 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2009-06-05 09:38:14 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2009-06-05 09:37:56 ----D---- C:\Windows\PCHEALTH
2009-06-05 09:37:56 ----D---- C:\Program Files (x86)\Microsoft.NET
2009-06-05 09:36:23 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2009-06-05 09:35:48 ----D---- C:\ProgramData\Microsoft Help
2009-06-05 09:35:48 ----D---- C:\Program Files (x86)\Microsoft Office
2009-06-05 09:33:56 ----RHD---- C:\MSOCache
2009-06-04 22:11:07 ----D---- C:\Users\DMC Agentur\AppData\Roaming\WinBatch
2009-06-04 20:55:40 ----D---- C:\Users\DMC Agentur\AppData\Roaming\Macromedia
2009-06-04 20:55:40 ----D---- C:\Users\DMC Agentur\AppData\Roaming\Adobe
2009-06-04 20:48:06 ----D---- C:\Users\DMC Agentur\AppData\Roaming\hpqLog
2009-06-04 20:38:51 ----D---- C:\ProgramData\LightScribe
2009-06-04 20:20:45 ----D---- C:\Windows\Driver Cache
2009-06-04 20:20:45 ----D---- C:\Program Files (x86)\AVerMedia
2009-06-04 20:20:21 ----D---- C:\Program Files (x86)\Common Files\LightScribe
2009-06-04 20:18:54 ----D---- C:\Program Files (x86)\CyberLink
2009-06-04 20:18:31 ----D---- C:\ProgramData\Temp
2009-06-04 20:06:07 ----D---- C:\Windows\system32\Macromed
2009-06-04 19:58:43 ----D---- C:\Users\DMC Agentur\AppData\Roaming\Mozilla
2009-06-04 19:58:38 ----D---- C:\Program Files (x86)\Mozilla Firefox
2009-06-04 19:53:19 ----D---- C:\ProgramData\NVIDIA
2009-06-04 19:39:34 ----D---- C:\Program Files (x86)\HP DVB-T TV Tuner
2009-06-04 19:39:15 ----D---- C:\Windows\system32\es-MX
2009-06-04 19:39:15 ----D---- C:\Windows\system32\es-AR
2009-06-04 19:37:46 ----A---- C:\Windows\system32\BttnCmns.dll
2009-06-04 19:37:46 ----A---- C:\Windows\system32\BttnCmn.dll
2009-06-04 19:35:13 ----A---- C:\Windows\xUninstall.bat
2009-06-04 19:34:51 ----D---- C:\Windows\JMCR_DIR
2009-06-04 19:25:13 ----A---- C:\Windows\sttray64.exe
2009-06-04 19:24:14 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2009-06-04 19:23:58 ----D---- C:\Program Files (x86)\Intel
2009-06-04 19:23:58 ----A---- C:\Windows\system32\CSVer.dll
2009-06-04 19:23:46 ----D---- C:\Intel
2009-06-04 19:23:35 ----D---- C:\Windows\Panther
2009-06-04 19:23:28 ----RAS---- C:\BOOTSECT.BAK
2009-06-04 19:23:26 ----SHD---- C:\Boot
2009-06-04 19:15:32 ----A---- C:\Windows\system32\wups.dll
2009-06-04 19:15:32 ----A---- C:\Windows\system32\wudriver.dll
2009-06-04 19:15:32 ----A---- C:\Windows\system32\wuapi.dll
2009-06-04 19:15:20 ----A---- C:\Windows\system32\wuwebv.dll
2009-06-04 19:15:20 ----A---- C:\Windows\system32\wuapp.exe
2009-06-04 19:12:50 ----D---- C:\Program Files (x86)\Realtek
2009-06-04 19:12:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-06-04 19:12:35 ----D---- C:\Users\DMC Agentur\AppData\Roaming\InstallShield
2009-06-04 19:11:46 ----D---- C:\Program Files (x86)\Hewlett-Packard
2009-06-04 19:11:42 ----SHD---- C:\Windows\Installer
2009-06-04 19:11:41 ----D---- C:\SWSetup
2009-06-04 18:36:11 ----D---- C:\Users\DMC Agentur\AppData\Roaming\Identities
2009-06-04 18:35:59 ----SD---- C:\Users\DMC Agentur\AppData\Roaming\Microsoft
2009-06-04 18:35:59 ----D---- C:\Users\DMC Agentur\AppData\Roaming\Media Center Programs
2009-06-04 18:34:10 ----SHD---- C:\Programme
2009-06-04 18:34:10 ----SHD---- C:\ProgramData\Vorlagen
2009-06-04 18:34:10 ----SHD---- C:\ProgramData\Startmenü
2009-06-04 18:34:10 ----SHD---- C:\ProgramData\Favoriten
2009-06-04 18:34:10 ----SHD---- C:\ProgramData\Dokumente
2009-06-04 18:34:10 ----SHD---- C:\ProgramData\Anwendungsdaten
2009-06-04 18:34:10 ----SHD---- C:\Dokumente und Einstellungen
2009-06-04 18:33:49 ----D---- C:\Windows\Debug
2009-06-04 18:28:37 ----D---- C:\Windows\SoftwareDistribution
2009-06-04 18:24:18 ----D---- C:\Windows\Prefetch
2009-06-04 18:24:05 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 1 months======

2009-06-09 09:40:59 ----D---- C:\Windows\Temp
2009-06-09 09:40:57 ----RD---- C:\Program Files (x86)
2009-06-09 09:16:38 ----D---- C:\Windows\SysWOW64
2009-06-09 08:59:52 ----D---- C:\Windows
2009-06-08 21:58:31 ----RSD---- C:\Windows\assembly
2009-06-08 21:58:08 ----D---- C:\Windows\System32
2009-06-08 21:58:03 ----D---- C:\Windows\Logs
2009-06-08 17:47:36 ----D---- C:\Windows\inf
2009-06-08 16:45:57 ----RSD---- C:\Windows\Fonts
2009-06-07 18:44:49 ----D---- C:\Windows\winsxs
2009-06-06 17:18:34 ----HD---- C:\ProgramData
2009-06-06 17:18:34 ----D---- C:\Windows\system32\drivers
2009-06-06 09:58:01 ----SD---- C:\Windows\Downloaded Program Files
2009-06-06 09:55:13 ----D---- C:\Program Files (x86)\Common Files
2009-06-06 09:30:29 ----D---- C:\Windows\WindowsMobile
2009-06-05 18:34:40 ----D---- C:\Windows\rescache
2009-06-05 16:33:11 ----D---- C:\Windows\Tasks
2009-06-05 16:02:21 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2009-06-05 15:59:13 ----SD---- C:\ProgramData\Microsoft
2009-06-05 13:37:13 ----A---- C:\Windows\win.ini
2009-06-05 12:20:10 ----RD---- C:\Program Files
2009-06-05 11:16:36 ----D---- C:\Windows\Help
2009-06-05 10:37:44 ----D---- C:\Windows\registration
2009-06-05 09:38:22 ----D---- C:\Program Files (x86)\MSBuild
2009-06-05 09:38:12 ----D---- C:\Windows\ShellNew
2009-06-05 09:36:06 ----D---- C:\Program Files (x86)\Common Files\System
2009-06-04 19:39:16 ----D---- C:\Windows\system32\zh-TW
2009-06-04 19:39:16 ----D---- C:\Windows\system32\zh-CN
2009-06-04 19:39:16 ----D---- C:\Windows\system32\sv-SE
2009-06-04 19:39:16 ----D---- C:\Windows\system32\ru-RU
2009-06-04 19:39:16 ----D---- C:\Windows\system32\pt-BR
2009-06-04 19:39:16 ----D---- C:\Windows\system32\pl-PL
2009-06-04 19:39:16 ----D---- C:\Windows\system32\nl-NL
2009-06-04 19:39:15 ----D---- C:\Windows\system32\nb-NO
2009-06-04 19:39:15 ----D---- C:\Windows\system32\ko-KR
2009-06-04 19:39:15 ----D---- C:\Windows\system32\ja-JP
2009-06-04 19:39:15 ----D---- C:\Windows\system32\it-IT
2009-06-04 19:39:15 ----D---- C:\Windows\system32\fr-FR
2009-06-04 19:39:15 ----D---- C:\Windows\system32\fi-FI
2009-06-04 19:39:15 ----D---- C:\Windows\system32\es-ES
2009-06-04 19:39:15 ----D---- C:\Windows\system32\en-US
2009-06-04 19:39:15 ----D---- C:\Windows\system32\de-DE
2009-06-04 19:39:15 ----D---- C:\Windows\system32\da-DK
2009-06-04 18:36:28 ----SHD---- C:\$Recycle.Bin
2009-06-04 18:35:59 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys []
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys []
R3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\DRIVERS\BthEnum.sys []
R3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;USB-Treiber für Bluetooth-Sender; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys []
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys []
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw5v64.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys []
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys []
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
S3 iscFlash;iscFlash; \??\C:\SwSetup\sp43820\iscflashx64.sys [2008-08-05 24568]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S3 SUMMACUTamd;X64CUT.Sys port 1 driver v6.2; C:\Windows\System32\Drivers\AMDX64CUT.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe []
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-12-04 94208]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-01-27 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\STacSV64.exe []
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe []
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 vfsFPService;Validity Fingerprint Service; c:\Windows\system32\vfsFPService.exe [2008-11-18 599344]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-04-23 239160]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-21 228656]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-06-05 322032]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-04-11 89920]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-06-05 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-05 655624]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe []

-----------------EOF-----------------
Here is the info.txt that goes with it:


Quote

info.txt logfile of random's system information tool 1.06 2009-06-09 09:41:01

======Uninstall list======

-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Acrobat.com-->msiexec /qb /x {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
Acrobat.com-->MsiExec.exe /I{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe After Effects CS4 Presets-->MsiExec.exe /I{44E240EC-2224-4078-A88B-2CEE0D3016EF}
Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Asset Services CS4-->MsiExec.exe /I{B9F4561A-924D-4510-A85A-BB0960C338CB}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe Contribute CS4-->MsiExec.exe /I{A6EC82A0-1414-475D-8AFD-469089F3080D}
Adobe Creative Suite 4 Master Collection-->C:\Program Files (x86)\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02\Setup.exe --uninstall=1
Adobe Creative Suite 4 Master Collection-->MsiExec.exe /I{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}
Adobe CS4 American English Speech Analysis Models-->MsiExec.exe /I{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9}
Adobe Encore CS4-->MsiExec.exe /I{5EAD5443-7194-46CC-A055-428E6ABB1BAF}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Fireworks CS4-->MsiExec.exe /I{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}
Adobe Flash CS4 Extension - Flash Lite STI others-->MsiExec.exe /I{47C6F987-685A-41AE-B092-E75B277AEE39}
Adobe Flash CS4 STI-other-->MsiExec.exe /I{BD3374D3-C2E6-42B7-A80B-E850B6886246}
Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{3A6829EF-0791-4FDD-9382-C690DD0821B9}
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{2BAF2B96-7560-48B4-87D4-10178DDBE217}
Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}
Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}
Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
Adobe Media Encoder CS4 Dolby-->MsiExec.exe /I{EE353798-E875-42E0-B58D-7E6696182EA8}
Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}
Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
Adobe OnLocation CS4-->MsiExec.exe /I{7406DF60-016D-476B-A2C7-55D997592047}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Premiere Pro CS4 Functional Content-->MsiExec.exe /I{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}
Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{C938BE91-3BB5-4B84-9EF6-88F0505D0038}
Adobe Premiere Pro CS4-->MsiExec.exe /I{D499F8DE-3F31-4900-9157-61061613704B}
Adobe Reader 8 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A80000000002}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}
Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}
Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8}
Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D}
Adobe Soundbooth CS4-->MsiExec.exe /I{14F70205-1940-4000-88C7-BE799A6B2CAD}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe Version Cue CS4 Server-->MsiExec.exe /I{1B7C06E1-4888-47A6-992A-0990B9683486}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
AVerMedia A309 (MiniCard, DVB-T) 1.0.64.46-->C:\Program Files (x86)\AVerMedia\AVerMedia A309 (MiniCard, DVB-T)\uninst.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
CCleaner (remove only)-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
CorelDRAW Graphics Suite X4 - Capture-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012}
CorelDRAW Graphics Suite X4 - Content-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016}
CorelDRAW Graphics Suite X4 - Draw-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013}
CorelDRAW Graphics Suite X4 - Filters-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017}
CorelDRAW Graphics Suite X4 - FontNav-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019}
CorelDRAW Graphics SUite X4 - ICA-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010}
CorelDRAW Graphics Suite X4 - IPM-->MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}
CorelDRAW Graphics Suite X4 - Lang DE-->MsiExec.exe /I{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}
CorelDRAW Graphics Suite X4 - PP-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014}
CorelDRAW Graphics Suite X4 - VBA-->MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181}
CorelDRAW Graphics Suite X4-->MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73}
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\Uninst.exe
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
CorelDRAW(R) Graphics Suite X4-->c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp
Counter-Strike: Source-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/240
CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Die Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x0007 -removeonly
ESU for Microsoft Vista-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43}
Falk Navi-Manager-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3222B0CE-59C5-4CA0-B545-2B88F200756B}\setup.exe" -l0x7 -removeonly
Favorit-->c:\users\dmc agentur\appdata\local\eaeyy.bat
HijackThis 2.0.2-->"C:\Program Files (x86)\trend micro\HijackThis.exe" /uninstall
HP Active Support Library-->"C:\Program Files (x86)\InstallShield Installation Information\{0295F89F-F698-4101-9A7D-49F407EC2D82}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Help and Support-->MsiExec.exe /I{0054A0F6-00C9-4498-B821-B5C9578F433E}
HP MediaSmart TV-->"C:\Program Files (x86)\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\Setup.exe" /z-uninstall
HP MediaSmart TV-->"C:\Program Files (x86)\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\Setup.exe" /z-uninstall
HP Quick Launch Buttons-->C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0007 -removeonly uninst
HP Wireless Assistant-->MsiExec.exe /I{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
IDT Audio-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -l0x7 -remove -removeonly
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
JMicron JMB38X Flash Media Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Lexware büroservice komplett 2009-->C:\Program Files (x86)\InstallShield Installation Information\{B16BC678-F0DC-418A-A0E0-64625CB50CA5}\setup.exe -runfromtemp -l0x0007 -removeonly
Lexware Elster-->MsiExec.exe /I{93567BBD-4369-47B2-A621-78E008F8EA33}
Lexware Info Service-->MsiExec.exe /X{59624372-3B85-47f4-9B04-4911E551DF1E}
Lexware online banking-->MsiExec.exe /X{B71CD243-6DC4-4579-BB0B-EC91926E1B75}
LightScribe System Software-->MsiExec.exe /X{4A9849CA-E11C-4F24-8BB1-97C717A1C898}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0407-1000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mozilla Firefox (3.0.10)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A}
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0007 -removeonly
RENESIS® Player Browser Plugins-->MsiExec.exe /I{62B7C52C-CAB6-48B1-8245-52356C141C92}
Samsung CLP-310 Series-->C:\Program Files (x86)\Samsung\Samsung CLP-310 Series\Install\Setup.exe /R
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Summa Cutter Control 4.12.0.7-->"C:\Program Files (x86)\Summa\unins000.exe"
Summa Cutter Tools 1.8.0.1-->"C:\Program Files (x86)\Summa Cutter Tools\unins000.exe"
Summa WinPlot-->"C:\Program Files (x86)\SummaWinplot\unins000.exe"
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {40EDB4D3-A95E-413F-9578-F2E01A3D209B}
Update for Outlook 2007 Junk Email Filter (kb968503)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5DD98950-4D10-4B79-8BF6-59726705207D}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
VLC media player 0.9.8a-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}
Windows Live Messenger-->MsiExec.exe /X{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe

======Hosts File======

127.0.0.1 activate.adobe.com

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: 37L4247I05-02
Event Code: 4201
Message: Netzwerkadapter "Loopback Pseudo-Interface 1" wurde mit dem Netzwerk verbunden, und das System im normalen Zustand gestartet.
Record Number: 5
Source Name: Tcpip
Time Written: 20090604162358.933615-000
Event Type: Informationen
User:

Computer Name: 37L4247I05-02
Event Code: 6
Message: Der Dateisystemfilter "FileInfo" (6.0, 2008-01-19T08:05:23.000Z) wurde erfolgreich geladen und im Filter-Manager registriert.
Record Number: 4
Source Name: Microsoft-Windows-FilterManager
Time Written: 20090604162358.902415-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: 37L4247I05-02
Event Code: 6005
Message: Der Ereignisprotokolldienst wurde gestartet.
Record Number: 3
Source Name: EventLog
Time Written: 20090604162628.000000-000
Event Type: Informationen
User:

Computer Name: 37L4247I05-02
Event Code: 6009
Message: Microsoft (R) Windows (R) 6.00. 6002 Service Pack 2 Multiprocessor Free.
Record Number: 2
Source Name: EventLog
Time Written: 20090604162628.000000-000
Event Type: Informationen
User:

Computer Name: 37L4247I05-02
Event Code: 6011
Message: Der NetBIOS-Name und der DNS-Hostname dieses Computers wurde von 37L4247I05-02 in WIN-M9ICUBZEJHZ geändert.
Record Number: 1
Source Name: EventLog
Time Written: 20090604162628.000000-000
Event Type: Informationen
User:

=====Application event log=====

Computer Name: 37L4247I05-02
Event Code: 1003
Message: Der Windows-Suchdienst wurde gestartet.

Record Number: 5
Source Name: Microsoft-Windows-Search
Time Written: 20090604162634.000000-000
Event Type: Informationen
User:

Computer Name: 37L4247I05-02
Event Code: 5615
Message: Der Windows-Verwaltungsinstrumentationsdienst wurde erfolgreich gestartet.
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20090604162633.000000-000
Event Type: Informationen
User:

Computer Name: 37L4247I05-02
Event Code: 4625
Message: Das EventSystem-Subsystem unterdrückt duplizierte Ereignisprotokolleinträge für eine Dauer von 86400 Sekunden. Dieses Zeitlimit kann durch den REG_DWORD-Wert SuppressDuplicateDuration unter folgendem Registrierungsschlüssel gesteuert werden: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 3
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090604162630.000000-000
Event Type: Informationen
User:

Computer Name: 37L4247I05-02
Event Code: 900
Message: Der Softwarelizenzierungsdienst wird gestartet.

Record Number: 2
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20090604162629.000000-000
Event Type: Informationen
User:

Computer Name: 37L4247I05-02
Event Code: 1531
Message: Der Benutzerprofildienst wurde erfolgreich gestartet.


Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090604162629.000000-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

=====Security event log=====

Computer Name: 37L4247I05-02
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.

Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: 37L4247I05-02$
Kontodomäne: WORKGROUP
Anmelde-ID: 0x3e7

Anmeldetyp: 5

Neue Anmeldung:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

Prozessinformationen:
Prozess-ID: 0x218
Prozessname: C:\Windows\System32\services.exe

Netzwerkinformationen:
Arbeitsstationsname:
Quellnetzwerkadresse: -
Quellport: -

Detaillierte Authentifizierungsinformationen:
Anmeldeprozess: Advapi
Authentifizierungspaket: Negotiate
Übertragene Dienste: -
Paketname (nur NTLM): -
Schlüssellänge: 0

Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.

Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".

Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).

Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.

Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.

Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
- Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090604162609.054049-000
Event Type: Überwachung erfolgreich
User:

Computer Name: 37L4247I05-02
Event Code: 4648
Message: Anmeldeversuch mit expliziten Anmeldeinformationen.

Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: 37L4247I05-02$
Kontodomäne: WORKGROUP
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

Konto, dessen Anmeldeinformationen verwendet wurden:
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

Zielserver:
Zielservername: localhost
Weitere Informationen: localhost

Prozessinformationen:
Prozess-ID: 0x218
Prozessname: C:\Windows\System32\services.exe

Netzwerkinformationen:
Netzwerkadresse: -
Port: -

Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden. Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090604162609.054049-000
Event Type: Überwachung erfolgreich
User:

Computer Name: 37L4247I05-02
Event Code: 4902
Message: Eine Benutzerrichtlinien-Überwachungstabelle wurde erstellt.

Anzahl von Elementen: 0
Richtlinienkennung: 0x8ecdb
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090604162603.843616-000
Event Type: Überwachung erfolgreich
User:

Computer Name: 37L4247I05-02
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.

Antragsteller:
Sicherheits-ID: S-1-0-0
Kontoname: -
Kontodomäne: -
Anmelde-ID: 0x0

Anmeldetyp: 0

Neue Anmeldung:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

Prozessinformationen:
Prozess-ID: 0x4
Prozessname:

Netzwerkinformationen:
Arbeitsstationsname: -
Quellnetzwerkadresse: -
Quellport: -

Detaillierte Authentifizierungsinformationen:
Anmeldeprozess: -
Authentifizierungspaket: -
Übertragene Dienste: -
Paketname (nur NTLM): -
Schlüssellänge: 0

Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.

Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".

Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).

Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.

Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.

Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
- Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090604162602.642408-000
Event Type: Überwachung erfolgreich
User:

Computer Name: 37L4247I05-02
Event Code: 4608
Message: Windows wird gestartet.

Dieses Ereignis wird protokolliert, wenn LSASS.EXE gestartet und das Überwachungssubsystem initialisiert wird.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090604162602.642408-000
Event Type: Überwachung erfolgreich
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\Sybase\SQL Anywhere 9\Win32
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\winseqfe\release\Windows6.0\lh_sp2rtm\6002.18005.090410-1830\amd64fre\symbols.pri\TraceFormat
"DFSTRACINGON"=FALSE

-----------------EOF-----------------

and last but not least... hjtscanlist.txt:

Quote

Code

 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
                        º                                    º
                                    hjtscanlist v2.0              
                        º                                    º
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

Microsoft Windows [Version 6.0.6002]


C:

  09.06.2009 09:41     C:\rsit --------- 0  
  09.06.2009 09:40     C:\Program Files (x86) --------- 20480  
  09.06.2009 09:16     C:\ComboFix --------- 40960  
  09.06.2009 09:16     C:\Bug.txt --------- 10523  
  09.06.2009 08:59     C:\Windows --------- 24576  
       C:\pagefile.sys ---------    
  08.06.2009 21:16     C:\System Volume Information --------- 65536  
  08.06.2009 15:49     C:\Temp --------- 0  
  08.06.2009 13:08     C:\Fonts --------- 524288  
  06.06.2009 17:18     C:\ProgramData --------- 8192  
  06.06.2009 16:49     C:\Qoobox --------- 0  
  06.06.2009 09:58     C:\Downloads --------- 0  
  05.06.2009 12:20     C:\Program Files --------- 8192  
  05.06.2009 09:33     C:\MSOCache --------- 0  
  05.06.2009 09:08     C:\SWSetup --------- 4096  
  04.06.2009 19:23     C:\Intel --------- 0  
  04.06.2009 19:23     C:\BOOTSECT.BAK --------- 8192  
  04.06.2009 19:23     C:\Boot --------- 4096  
  04.06.2009 18:36     C:\$Recycle.Bin --------- 0  
  04.06.2009 18:35     C:\Users --------- 4096  
  04.06.2009 18:34     C:\Programme --------- 0  
  04.06.2009 18:34     C:\Dokumente und Einstellungen --------- 0  
  11.04.2009 18:23     C:\bootmgr --------- 333257  
  21.01.2008 05:04     C:\PerfLogs --------- 0  
  02.11.2006 17:42     C:\Documents and Settings --------- 0  
----------------------------------------


C:\Windows

  09.06.2009 09:03     C:\Windows\WindowsUpdate.log --------- 768711  
  09.06.2009 08:59     C:\Windows\setupact.log --------- 34  
  09.06.2009 08:59     C:\Windows\setuperr.log --------- 0  
  09.06.2009 08:58     C:\Windows\bootstat.dat --------- 67584  
  08.06.2009 23:44     C:\Windows\bthservsdp.dat --------- 12  
  05.06.2009 13:37     C:\Windows\win.ini --------- 219  
  05.06.2009 11:13     C:\Windows\ODBCINST.ini --------- 198  
  04.06.2009 21:40     C:\Windows\xUninstall.bat --------- 131  
  11.04.2009 18:22     C:\Windows\explorer.exe --------- 3079168  
  03.12.2008 18:03     C:\Windows\LxFrame.ini --------- 16751  
  05.08.2008 02:10     C:\Windows\sttray64.exe --------- 441344  
  19.06.2008 14:04     C:\Windows\BtwIEProxy.Exe --------- 388136  
  21.01.2008 05:21     C:\Windows\WindowsShell.Manifest --------- 749  
  21.01.2008 04:50     C:\Windows\HelpPane.exe --------- 734720  
  21.01.2008 04:49     C:\Windows\regedit.exe --------- 161792  
  21.01.2008 04:49     C:\Windows\bfsvc.exe --------- 65536  
  21.01.2008 04:49     C:\Windows\splwow64.exe --------- 39936  
  21.01.2008 04:48     C:\Windows\fveupdate.exe --------- 14848  
  21.01.2008 04:47     C:\Windows\notepad.exe --------- 169472  
  13.08.2007 20:47     C:\Windows\Dr. Printer Icon.ico --------- 11502  
  02.11.2006 17:04     C:\Windows\WMSysPr9.prx --------- 316640  
  02.11.2006 17:02     C:\Windows\twunk_32.exe --------- 31232  
  02.11.2006 17:02     C:\Windows\twunk_16.exe --------- 49680  
  02.11.2006 17:02     C:\Windows\twain_32.dll --------- 50688  
  02.11.2006 17:02     C:\Windows\twain.dll --------- 94784  
  02.11.2006 13:15     C:\Windows\hh.exe --------- 15872  
  02.11.2006 11:45     C:\Windows\winhlp32.exe --------- 9216  
  02.11.2006 10:26     C:\Windows\mib.bin --------- 43131  
  19.09.2006 13:41     C:\Windows\HomePremium.xml --------- 8328  
  18.09.2006 23:44     C:\Windows\system.ini --------- 219  
  18.09.2006 23:30     C:\Windows\msdfmap.ini --------- 1405  
----------------------------------------


C:\Windows\System

----------------------------------------


C:\Windows\System32

09.06.2009 09:00     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3888  
09.06.2009 09:00     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3888  
09.06.2009 08:59     C:\Windows\system32\FNTCACHE.DAT --------- 5941320  
08.06.2009 17:47     C:\Windows\system32\perfh009.dat --------- 587178  
08.06.2009 17:47     C:\Windows\system32\perfc009.dat --------- 101250  
08.06.2009 17:47     C:\Windows\system32\perfh007.dat --------- 618368  
08.06.2009 17:47     C:\Windows\system32\perfc007.dat --------- 122830  
08.06.2009 17:47     C:\Windows\system32\PerfStringBackup.INI --------- 1418720  
08.06.2009 15:49     C:\Windows\system32\catroot --------- 4096  
08.06.2009 15:49     C:\Windows\system32\drivers --------- 65536  
08.06.2009 09:00     C:\Windows\system32\WDI --------- 4096  
06.06.2009 16:27     C:\Windows\system32\config --------- 12288  
06.06.2009 16:15     C:\Windows\system32\Tasks --------- 4096  
05.06.2009 13:48     C:\Windows\system32\TUProgSt.exe --------- 841984  
05.06.2009 13:47     C:\Windows\system32\TuneUpDefragService.exe --------- 506624  
05.06.2009 10:39     C:\Windows\system32\wbem --------- 65536  
05.06.2009 10:37     C:\Windows\system32\catroot2 --------- 8192  
04.06.2009 19:39     C:\Windows\system32\Microsoft --------- 0  
04.06.2009 19:39     C:\Windows\system32\zh-TW --------- 4096  
04.06.2009 19:39     C:\Windows\system32\sv-SE --------- 0  
04.06.2009 19:39     C:\Windows\system32\zh-CN --------- 0  
04.06.2009 19:39     C:\Windows\system32\pl-PL --------- 4096  
04.06.2009 19:39     C:\Windows\system32\pt-BR --------- 0  
04.06.2009 19:39     C:\Windows\system32\ru-RU --------- 4096  
04.06.2009 19:39     C:\Windows\system32\nl-NL --------- 0  
04.06.2009 19:39     C:\Windows\system32\nb-NO --------- 0  
04.06.2009 19:39     C:\Windows\system32\ko-KR --------- 0  
04.06.2009 19:39     C:\Windows\system32\fi-FI --------- 0  
04.06.2009 19:39     C:\Windows\system32\it-IT --------- 0  
04.06.2009 19:39     C:\Windows\system32\ja-JP --------- 0  
04.06.2009 19:39     C:\Windows\system32\fr-FR --------- 0  
04.06.2009 19:39     C:\Windows\system32\es-AR --------- 0  
04.06.2009 19:39     C:\Windows\system32\es-MX --------- 0  
04.06.2009 19:39     C:\Windows\system32\es-ES --------- 4096  
04.06.2009 19:39     C:\Windows\system32\da-DK --------- 4096  
04.06.2009 19:39     C:\Windows\system32\en-US --------- 4096  
04.06.2009 19:39     C:\Windows\system32\de-DE --------- 196608  
04.06.2009 19:11     C:\Windows\system32\restore --------- 0  
04.06.2009 18:30     C:\Windows\system32\license.rtf --------- 332816  
07.05.2009 00:45     C:\Windows\system32\mrt.exe --------- 26185152  
27.04.2009 14:21     C:\Windows\system32\authuitu.dll --------- 20736  
27.04.2009 14:21     C:\Windows\system32\uxtuneup.dll --------- 35072  
12.04.2009 00:23     C:\Windows\system32\winrm --------- 0  
12.04.2009 00:23     C:\Windows\system32\Branding --------- 0  
12.04.2009 00:22     C:\Windows\system32\slmgr --------- 0  
12.04.2009 00:22     C:\Windows\system32\0407 --------- 0  
12.04.2009 00:22     C:\Windows\system32\WCN --------- 0  
12.04.2009 00:22     C:\Windows\system32\Printing_Admin_Scripts --------- 0  
12.04.2009 00:22     C:\Windows\system32\de --------- 0  
12.04.2009 00:18     C:\Windows\system32\perfd007.dat --------- 36916  
12.04.2009 00:18     C:\Windows\system32\perfi007.dat --------- 290748  
11.04.2009 19:05     C:\Windows\system32\umstartup.etl --------- 52224  
11.04.2009 19:05     C:\Windows\system32\sysprep --------- 0  
11.04.2009 18:45     C:\Windows\system32\umstartup000.etl --------- 291840  
11.04.2009 18:31     C:\Windows\system32\ca-ES --------- 0  
11.04.2009 18:31     C:\Windows\system32\lv-LV --------- 0  
11.04.2009 18:31     C:\Windows\system32\hr-HR --------- 0  
11.04.2009 18:31     C:\Windows\system32\et-EE --------- 0  
11.04.2009 18:31     C:\Windows\system32\sk-SK --------- 0  
11.04.2009 18:31     C:\Windows\system32\el-GR --------- 4096  
11.04.2009 18:31     C:\Windows\system32\oobe --------- 4096  
11.04.2009 18:31     C:\Windows\system32\migration --------- 0  
11.04.2009 18:31     C:\Windows\system32\eu-ES --------- 0  
11.04.2009 18:31     C:\Windows\system32\AdvancedInstallers --------- 0  
11.04.2009 18:31     C:\Windows\system32\he-IL --------- 0  
11.04.2009 18:31     C:\Windows\system32\setup --------- 0  
11.04.2009 18:31     C:\Windows\system32\cs-CZ --------- 0  
11.04.2009 18:31     C:\Windows\system32\hu-HU --------- 4096  
11.04.2009 18:31     C:\Windows\system32\pt-PT --------- 0  
11.04.2009 18:31     C:\Windows\system32\SLUI --------- 0  
11.04.2009 18:30     C:\Windows\system32\sr-Latn-CS --------- 0  
11.04.2009 18:30     C:\Windows\system32\manifeststore --------- 0  
11.04.2009 18:30     C:\Windows\system32\sl-SI --------- 0  
11.04.2009 18:30     C:\Windows\system32\uk-UA --------- 0  
11.04.2009 18:30     C:\Windows\system32\bg-BG --------- 0  
11.04.2009 18:30     C:\Windows\system32\ro-RO --------- 0  
11.04.2009 18:30     C:\Windows\system32\th-TH --------- 0  
11.04.2009 18:30     C:\Windows\system32\tr-TR --------- 4096  
11.04.2009 18:30     C:\Windows\system32\vi-VN --------- 0  
11.04.2009 18:30     C:\Windows\system32\lt-LT --------- 0  
11.04.2009 18:30     C:\Windows\system32\ar-SA --------- 4096  
11.04.2009 18:30     C:\Windows\system32\migwiz --------- 4096  
11.04.2009 18:29     C:\Windows\system32\Boot --------- 0  
11.04.2009 18:27     C:\Windows\system32\InstallPackage_ETW.Log.perf --------- 589824  
11.04.2009 18:27     C:\Windows\system32\InstallPackage_ETW.Log.dpx --------- 589824  
11.04.2009 18:27     C:\Windows\system32\InstallPackage_ETW.Log --------- 11337728  
11.04.2009 18:24     C:\Windows\system32\TsWpfWrp.exe --------- 34624  
11.04.2009 18:24     C:\Windows\system32\winresume.exe --------- 981480  
11.04.2009 18:24     C:\Windows\system32\winresume.efi --------- 992728  
11.04.2009 18:24     C:\Windows\system32\winload.exe --------- 1064920  
11.04.2009 18:24     C:\Windows\system32\winload.efi --------- 1078232  
11.04.2009 18:24     C:\Windows\system32\whealogr.dll --------- 33280  
11.04.2009 18:24     C:\Windows\system32\wmpmde.dll --------- 1090048  
11.04.2009 18:24     C:\Windows\system32\scavenge.dll --------- 946688  
11.04.2009 18:24     C:\Windows\system32\compcln.exe --------- 56320  
11.04.2009 18:24     C:\Windows\system32\rstrui.exe --------- 339968  
11.04.2009 18:24     C:\Windows\system32\srcore.dll --------- 474624  
11.04.2009 18:24     C:\Windows\system32\inetpp.dll --------- 156160  
11.04.2009 18:24     C:\Windows\system32\inetppui.dll --------- 17408  
11.04.2009 18:24     C:\Windows\system32\photowiz.dll --------- 402944  
----------------------------------------


C:\Windows\Prefetch

----------------------------------------


C:\Windows\Tasks

09.06.2009 09:03     C:\Windows\Tasks\User_Feed_Synchronization-{525BE8A9-68E9-44CE-99CA-FFD0E70BFC90}.job --------- 430  
09.06.2009 09:00     C:\Windows\Tasks\1-Klick-Wartung.job --------- 534  
09.06.2009 08:58     C:\Windows\Tasks\SA.DAT --------- 6  
08.06.2009 23:44     C:\Windows\Tasks\SCHEDLGU.TXT --------- 12672  
----------------------------------------


C:\Windows\Temp

08.06.2009 16:44     C:\Windows\Temp\fwtsqmfile01.sqm --------- 632  
----------------------------------------


C:\Users\DMCAGE~1\AppData\Local\Temp

09.06.2009 09:43     C:\Users\DMCAGE~1\AppData\Local\Temp\Rar$DI00.950 --------- 0  
09.06.2009 09:43     C:\Users\DMCAGE~1\AppData\Local\Temp\hjtscanlist.zip --------- 2097  
09.06.2009 09:36     C:\Users\DMCAGE~1\AppData\Local\Temp\MessengerCache --------- 4096  
09.06.2009 09:16     C:\Users\DMCAGE~1\AppData\Local\Temp\etilqs_2nMbcu3fkjCMaF1ASYZ8 --------- 24600  
09.06.2009 09:16     C:\Users\DMCAGE~1\AppData\Local\Temp\DMC Agentur.bmp --------- 31832  
09.06.2009 09:15     C:\Users\DMCAGE~1\AppData\Local\Temp\cmd.execf --------- 318976  
09.06.2009 09:04     C:\Users\DMCAGE~1\AppData\Local\Temp\Low --------- 0  
09.06.2009 09:00     C:\Users\DMCAGE~1\AppData\Local\Temp\~DF4478.tmp --------- 311350  
09.06.2009 08:59     C:\Users\DMCAGE~1\AppData\Local\Temp\WPDNSE --------- 0  
08.06.2009 22:38     C:\Users\DMCAGE~1\AppData\Local\Temp\wmplog01.sqm --------- 2280  
08.06.2009 21:07     C:\Users\DMCAGE~1\AppData\Local\Temp\~DFCCF4.tmp --------- 311350  
08.06.2009 18:43     C:\Users\DMCAGE~1\AppData\Local\Temp\PCULog2.txt --------- 1568  
08.06.2009 18:43     C:\Users\DMCAGE~1\AppData\Local\Temp\PCULog3.txt --------- 1295  
08.06.2009 18:42     C:\Users\DMCAGE~1\AppData\Local\Temp\wmplog00.sqm --------- 1328  
08.06.2009 18:36     C:\Users\DMCAGE~1\AppData\Local\Temp\~DFC35E.tmp --------- 311350  
08.06.2009 16:57     C:\Users\DMCAGE~1\AppData\Local\Temp\PCULog1.txt --------- 1295  
08.06.2009 16:48     C:\Users\DMCAGE~1\AppData\Local\Temp\~DF1850.tmp --------- 311350  
08.06.2009 16:24     C:\Users\DMCAGE~1\AppData\Local\Temp\csxs-ILST.log --------- 4422  
08.06.2009 15:50     C:\Users\DMCAGE~1\AppData\Local\Temp\SetAlti.exe0.log --------- 1115  
08.06.2009 15:50     C:\Users\DMCAGE~1\AppData\Local\Temp\Setup.exe.log --------- 20779  
08.06.2009 15:50     C:\Users\DMCAGE~1\AppData\Local\Temp\ssrun.dll(4).log --------- 645  
08.06.2009 15:50     C:\Users\DMCAGE~1\AppData\Local\Temp\ssrun.dll(3).log --------- 335  
08.06.2009 15:50     C:\Users\DMCAGE~1\AppData\Local\Temp\ssrun.dll(2).log --------- 546  
08.06.2009 15:50     C:\Users\DMCAGE~1\AppData\Local\Temp\ssrun.dll(1).log --------- 542  
08.06.2009 15:50     C:\Users\DMCAGE~1\AppData\Local\Temp\ssrun.dll(0).log --------- 629  
08.06.2009 15:50     C:\Users\DMCAGE~1\AppData\Local\Temp\ssinstAD.exe.log --------- 3115  
08.06.2009 15:49     C:\Users\DMCAGE~1\AppData\Local\Temp\PreInstaller.log --------- 2954  
08.06.2009 13:31     C:\Users\DMCAGE~1\AppData\Local\Temp\MSIe262a.LOG --------- 2205322  
08.06.2009 12:53     C:\Users\DMCAGE~1\AppData\Local\Temp\jar_cache4470833419948516509.tmp --------- 37809  
08.06.2009 12:53     C:\Users\DMCAGE~1\AppData\Local\Temp\jar_cache2283664702968966282.tmp --------- 37608  
08.06.2009 12:53     C:\Users\DMCAGE~1\AppData\Local\Temp\jar_cache8315032856560483490.tmp --------- 79619  
08.06.2009 12:53     C:\Users\DMCAGE~1\AppData\Local\Temp\jar_cache5187486973168099829.tmp --------- 58757  
08.06.2009 12:53     C:\Users\DMCAGE~1\AppData\Local\Temp\jar_cache5831866692861159434.tmp --------- 12348  
08.06.2009 12:53     C:\Users\DMCAGE~1\AppData\Local\Temp\jar_cache2937348480703241189.tmp --------- 83267  
08.06.2009 12:53     C:\Users\DMCAGE~1\AppData\Local\Temp\jar_cache7084918541040299891.tmp --------- 55691  
08.06.2009 11:11     C:\Users\DMCAGE~1\AppData\Local\Temp\VBE --------- 0  
08.06.2009 11:06     C:\Users\DMCAGE~1\AppData\Local\Temp\DMI1AF1.tmp --------- 0  
07.06.2009 18:40     C:\Users\DMCAGE~1\AppData\Local\Temp\~DF26CC.tmp --------- 311350  
----------------------------------------


C:\Program Files

05.06.2009 12:20     C:\Program Files\Adobe --------- 0  
05.06.2009 11:52     C:\Program Files\Common Files --------- 4096  
05.06.2009 09:36     C:\Program Files\Microsoft Office --------- 0  
04.06.2009 20:44     C:\Program Files\Validity Sensors, Inc --------- 0  
04.06.2009 20:23     C:\Program Files\Synaptics --------- 0  
04.06.2009 20:22     C:\Program Files\DIFX --------- 0  
04.06.2009 20:17     C:\Program Files\Hewlett-Packard --------- 0  
04.06.2009 19:39     C:\Program Files\WIDCOMM --------- 0  
04.06.2009 19:25     C:\Program Files\IDT --------- 4096  
04.06.2009 18:34     C:\Program Files\Windows NT --------- 4096  
04.06.2009 18:34     C:\Program Files\Gemeinsame Dateien --------- 0  
11.04.2009 18:32     C:\Program Files\Windows Mail --------- 4096  
11.04.2009 18:32     C:\Program Files\Windows Sidebar --------- 4096  
11.04.2009 18:32     C:\Program Files\Movie Maker --------- 4096  
11.04.2009 18:32     C:\Program Files\Internet Explorer --------- 4096  
11.04.2009 18:32     C:\Program Files\Windows Media Player --------- 4096  
11.04.2009 18:32     C:\Program Files\Windows Journal --------- 4096  
11.04.2009 18:32     C:\Program Files\Windows Collaboration --------- 4096  
11.04.2009 18:32     C:\Program Files\Windows Photo Gallery --------- 4096  
11.04.2009 18:32     C:\Program Files\Windows Defender --------- 4096  
21.01.2008 05:21     C:\Program Files\desktop.ini --------- 174  
21.01.2008 05:09     C:\Program Files\Windows Calendar --------- 0  
02.11.2006 17:44     C:\Program Files\Uninstall Information --------- 0  
02.11.2006 17:07     C:\Program Files\Microsoft Games --------- 4096  
02.11.2006 17:07     C:\Program Files\MSBuild --------- 0  
02.11.2006 17:07     C:\Program Files\Reference Assemblies --------- 0  
----------------------------------------


C:\ProgramData\..

DMC Agentur    
Default    
desktop.ini    
Default User    
All Users    
Public    
----------------------------------------


C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost
::1             localhost
127.0.0.1                activate.adobe.com

----------------------------------------



Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0         9.616 K
smss.exe                       416 Services                   0           976 K
csrss.exe                      564 Services                   0         7.764 K
wininit.exe                    608 Services                   0         5.048 K
csrss.exe                      628 Console                    1        10.124 K
winlogon.exe                   664 Console                    1         7.392 K
services.exe                   704 Services                   0         7.920 K
lsass.exe                      716 Services                   0        10.748 K
lsm.exe                        724 Services                   0         5.532 K
svchost.exe                    876 Services                   0         8.044 K
nvvsvc.exe                     944 Services                   0         3.892 K
svchost.exe                    976 Services                   0         9.116 K
svchost.exe                   1020 Services                   0        38.412 K
svchost.exe                    428 Services                   0        20.292 K
svchost.exe                    572 Services                   0       139.652 K
svchost.exe                    552 Services                   0        85.412 K
stacsv64.exe                   696 Services                   0        11.916 K
audiodg.exe                   1056 Services                   0        20.300 K
SLsvc.exe                     1236 Services                   0        13.636 K
rundll32.exe                  1272 Console                    1         7.548 K
svchost.exe                   1340 Services                   0        14.484 K
vfsFPService.exe              1448 Services                   0        14.404 K
svchost.exe                   1536 Services                   0        19.724 K
dwm.exe                       1696 Console                    1        74.420 K
explorer.exe                  1704 Console                    1        72.832 K
spoolsv.exe                   1880 Services                   0        12.640 K
sched.exe                     1920 Services                   0         2.432 K
taskeng.exe                   1944 Console                    1        15.780 K
taskeng.exe                   2000 Services                   0         7.228 K
svchost.exe                    972 Services                   0        23.380 K
sttray64.exe                  1124 Console                    1        15.540 K
SmartMenu.exe                 2064 Console                    1        71.404 K
SynTPEnh.exe                  2076 Console                    1        10.032 K
Steam.exe                     2084 Console                    1        73.296 K
msnmsgr.exe                   2100 Console                    1        75.344 K
BTTray.exe                    2200 Console                    1        12.888 K
HPWAMain.exe                  2264 Console                    1         7.832 K
AESTSr64.exe                  2296 Services                   0         2.196 K
QLBCTRL.exe                   2304 Console                    1         8.864 K
svchost.exe                   2400 Services                   0         4.464 K
LSSrvc.exe                    2504 Services                   0         4.896 K
PsiService_2.exe              2592 Services                   0         4.048 K
svchost.exe                   2608 Services                   0         8.320 K
TUProgSt.exe                  2632 Services                   0         5.116 K
svchost.exe                   2708 Services                   0         2.820 K
SearchIndexer.exe             2732 Services                   0       128.896 K
hpqWmiEx.exe                  3048 Services                   0         6.576 K
WmiPrvSE.exe                  1728 Services                   0         8.508 K
WiFiMsg.exe                   2640 Console                    1         6.352 K
Com4QLBEx.exe                 3128 Services                   0         5.248 K
HpqToaster.exe                3272 Console                    1         7.156 K
BTStackServer.exe             3320 Console                    1        14.304 K
SynTPHelper.exe               3724 Console                    1         3.248 K
BluetoothHeadsetProxy.exe     3776 Console                    1         4.116 K
SteamService.exe              3896 Services                   0         6.364 K
conime.exe                    3232 Console                    1         4.488 K
HPHC_Service.exe              1200 Services                   0        14.328 K
PresentationFontCache.exe     3588 Services                   0        27.220 K
svchost.exe                   4052 Services                   0         8.192 K
SearchProtocolHost.exe        3592 Services                   0        12.668 K
taskeng.exe                   2976 Console                    1        14.612 K
firefox.exe                   2480 Console                    1       114.984 K
wlcomm.exe                    4636 Console                    1        28.160 K
explorer.exe                  2884 Console                    1        33.048 K
notepad.exe                   1100 Console                    1         6.836 K
notepad.exe                   4368 Console                    1         6.704 K
WinRAR.exe                    2384 Console                    1        19.964 K
SearchFilterHost.exe          2876 Services                   0        13.208 K
cmd.exe                       3988 Console                    1         3.236 K
dllhost.exe                   4604 Console                    1         5.748 K
tasklist.exe                  4528 Console                    1         5.836 K
WmiPrvSE.exe                   844 Services                   0         7.496 K


***** Ende des Scans 09.06.2009 um  9:46:02,86 ***  


hope these can help you
This post was edited by dmc on 09.06.2009 at 09:52.
09.06.2009, 12:20
Member

Posts: 3716
#2 run Malwarebytes, post the log...
64 bit, hardly any of the cleanup tools run on that...
http://board.protecus.de/t23188.htm
09.06.2009, 12:52
Moderator

Posts: 7798
#3 Since Mbam has lousy Navipromo detection (not only Mbam), uninstall it using the following entry under "Programs and Features"; that should be enough as well:

Favorit
__________
Regards, Ralf
SEO-Spam Hunter
09.06.2009, 15:18
...new here

Thread starter

Posts: 3
#4

Quote

raman posted
Since Mbam has lousy Navipromo detection (not only Mbam), uninstall it using the following entry under "Programs and Features"; that should be enough as well:

Favorit
I don't quite understand how and what exactly you mean there... ;)
09.06.2009, 15:29
Member

Posts: 3716
#5 you're supposed to go to your software list (under Control Panel) and uninstall the entry raman named there.
10.06.2009, 09:47
...new here

Thread starter

Posts: 3
#6 it can't be uninstalled
10.06.2009, 10:18
Member

Posts: 3716
#7 Install Navilog, run option 1, post the log:
http://virus-protect.org/artikel/tools/navilog.html
Ignore any warnings from the antivirus scanner about navilog.exe.