Virus, Trojaner, Malware oder was hab ich da?

[conte]

Hallo ihr lieben!

Ich ahb mir irgendwas eingefangen!

wäre lieb, wenn ihr mal drübergugt.

Code:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:56:11, on 18.09.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Realtek\REALTEK DVB-T USB DEVICE\IR_SERVER.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Dell Support Center\gs_agent\dsc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de/ig/dell?hl=de&c...de&ibd=4080714
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yodl.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de/ig/dell?hl=de&c...de&ibd=4080714
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer bereitgestellt von Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [IR_SERVER] C:\Program Files\Realtek\REALTEK DVB-T USB DEVICE\IR_SERVER.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P10 /q c:\users\lukas\appdata\local\temp\{10798~1.SH! c:\users\lukas\appdata\local\temp\WLZAC2B.SH! (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P10 /q c:\users\lukas\appdata\local\temp\{10798~1.SH! c:\users\lukas\appdata\local\temp\WLZAC2B.SH! (User 'Default user')
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (file missing)
O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\Program Files\McAfee\MPF\MPFSrv.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - Unknown owner - C:\Program Files\McAfee\MSK\MskSrver.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\STac SV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 8938 bytes

danke!

[Petra]

Willkommen im HijackThis.de Supportforum Conte,

ein System zu bereinigen ist unter Umständen aufwändig und mit einiger Arbeit für Dich verbunden. Bevor wir anfangen, hier noch ein paar lästige, aber wichtige grundsätzliche Punkte, die zu beachten sind: Respektiere unsere Forenregeln und sei nicht zu ungeduldig, wenn es mal etwas länger dauert, bis wir antworten. Es gibt grundsätzlich keinen Support per PN oder Mail. Weiter ist zu beachten, dass wir keine Rechner bereinigen, die geschäftlich genutzt werden und selbstverständlich auch keine Rechner, die Cracks, Keygens oder sonstige Hacks enthalten, die es ermöglichen, Bezahlsoftware ohne Bezahlung zu nutzen.

Es ist wichtig, dass Du solange mitarbeitest, bis alle Punkte abgearbeitet sind und das Signal kommt, dass die Bereinigung beendet ist, auch wenn die Symptome vielleicht schon nach den ersten Aktionen verschwunden sein sollten. Bitte alle Logfiles in Code-Tags posten. Du kannst Deine Beiträge über den "Ändern-Button" jederzeit ergänzen/ändern/löschen. Wichtig: Während unserer Reinigungphase nur Programme installieren und Scans durchführen, die wir anordnen. Vista User: Bitte alle Programme und Tools, die wir anordnen, immer mit Rechtsklick und "als Administrator ausführen" starten.

Wenn Du dazu bereit bist, arbeite die folgenden Punkte unbedingt in der vorgegebenen Reihenfolge ab. Das ist deshalb so wichtig, weil häufig der eine Punkt den anderen voraussetzt! Wenn bei einem Punkt etwas unklar ist oder etwas nicht (wie geplant) funktioniert, bitte nachfragen, bevor Du weitermachst. Berichte mir zu jedem Punkt, ob Du ihn abgearbeitet hast bzw. welche Probleme evtl. aufgetreten sind.

===== Punkt 1 =====

Zwei Antiviren-Programme mit Hintergrundwächter gleichzeitig laufen zu lassen, ist keine gute Idee, sie können sich gegenseitig stören und u. U. Dein System stark behindern oder sogar crashen lassen. Ich sehe bei Dir AntiVir und McAfee. Entscheide Dich für eine Variante und deinstalliere die andere über Systemsteuerung => Software. Rechner neu starten.

Speedy hat letztens eine einleuchtende Erklärung dazu geliefert: "Man stelle sich einen Torwart vor, der das Tor hüten soll (Viren-Programm), der Ball kommt angeflogen (Virus), der Torhüter konzentriert sich auf den Ball und fängt ihn. Jetzt stelle Dir zwei Torhüter im Tor vor ...., die knallen aneinander und der Ball kann ungehindert ins Tor wandern." Fazit: Eines der beiden Programme muss wieder runter.

===== Punkt 2 =====

Systemdetails mit RSIT prüfen

• Lade Random's System Information Tool (RSIT) von random/random herunter,
• speichere es auf Deinem Desktop.
• Starte mit Doppelklick die RSIT.exe.
• Klicke auf Continue, um die Nutzungsbedingungen zu akzeptieren.
• Wenn Du HijackThis nicht installiert hast, wird RSIT das für Dich herunterladen und installieren.
• In dem Fall bitte auch die Nutzungsbedingungen von Trend Micro für HJT akzeptieren I accept.
• Wenn Deine Firewall fragt, bitte RSIT erlauben, ins Netz zu gehen.
• Der Scan startet automatisch, RSIT checkt nun einige wichtige System-Bereiche und produziert Logfiles als Analyse-Grundlage.
• Wenn der Scan beendet ist, werden zwei Logfiles erstellt und in Deinem Editor geöffnet.
• Bitte poste den Inhalt von C:\rsit\log.txt und C:\rsit\info.txt (<= minimiert) hier in den Thread.

• Bei nötigen Folgescans das Tool immer wie folgt starten:
• Start => ausführen => "%userprofile%\desktop\rsit.exe" /info (reinkopieren),
  damit die alten Logdateien überschrieben werden.

===== Punkt 3 =====

Dateiliste mit HJTscanlist.bat erstellen

Da ein HJT-Logfile nur bedingt aussagekräftig ist, möchte ich mir den Inhalt einiger kritischer Verzeichnisse auf Deinem System ansehen. Dazu lade folgende Datei herunter HJTscanlist.zip. Entpacke die Datei auf Deinen Desktop. Auf dem Desktop befindet sich nun die Datei HJTscanlist.bat, diese doppelklicken, um sie zu starten. Wähle Dein Betriebssystem aus. Bei Abfrage der Einstellung benutze bitte die Auswahl Nr. 1 (Scanlist). Nun wird die Dateiliste erstellt und in Deinem Editor geöffnet und als hjtscanlist.txt auf Deinem Desktop gespeichert. Poste mir den Inhalt der Dateiliste hier in den Thread.

Falls Du WindowsXP Home oder Windows 2000 hast, bitte zusätzlich tasklist.zip downloaden und nach C:\Windows\system32 respektive C:\WINNT\system32 entpacken, damit die HJTscanlist.bat eine Taskliste erstellen kann. Zur Erklärung: das Tool tasklist.exe ist nur in Windows Professional enthalten und muss bei Windows XP Home nachinstalliert werden.

===== Punkt 4 =====

Berichte, wie der Rechner nun läuft und welche Probleme er macht.

[conte]

halo, Klasse Antowrt!
Ich werd das alles mal amchen, und das dann hier editieren. das mit mcafee und avira ist klar, ich hatte mcafee schon gelöscht, aber iwie lässt es sich nicht löschen. ich hab es unter systemsteuerung, danach unter C:\Programme\...
Weist du eine Lösung?

Code:

Logfile of random's system information tool 1.02 (written by random/random)
Run by Lukas at 2008-09-19 14:10:50
Microsoft® Windows Vista™ Home Premium  Service Pack 1
System drive C: has 64 GB (45%) free of 142 GB
Total RAM: 3069 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:10:56, on 19.09.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Realtek\REALTEK DVB-T USB DEVICE\IR_SERVER.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Dell Support Center\gs_agent\dsc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Lukas\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Lukas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4080714
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yodl.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4080714
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer bereitgestellt von Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [IR_SERVER] C:\Program Files\Realtek\REALTEK DVB-T USB DEVICE\IR_SERVER.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P10 /q c:\users\lukas\appdata\local\temp\{10798~1.SH! c:\users\lukas\appdata\local\temp\WLZAC2B.SH! (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P10 /q c:\users\lukas\appdata\local\temp\{10798~1.SH! c:\users\lukas\appdata\local\temp\WLZAC2B.SH! (User 'Default user')
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O13 - Gopher Prefix: 
O15 - Trusted Zone: http://*.mcafee.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (file missing)
O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (file missing)
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\Program Files\McAfee\MPF\MPFSrv.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - Unknown owner - C:\Program Files\McAfee\MSK\MskSrver.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 8979 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Klick-Wartung.job
C:\Windows\tasks\GoogleUpdateTaskUser.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2007-10-19 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-09-08 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-08-31 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll [2008-08-27 651760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2007-10-19 817936]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-08-13 352256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-08-31 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-03-11 163840]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-03-14 442433]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-03-12 3563520]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-03-11 202544]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"IR_SERVER"=C:\Program Files\Realtek\REALTEK DVB-T USB DEVICE\IR_SERVER.exe [2007-04-16 139264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\Program Files\Mozilla Firefox\
"ICQ"=C:\Program Files\ICQ6\ICQ.exe [2008-08-24 173304]
"Eraser"=C:\Program Files\Eraser\Eraser.exe [2007-12-23 916240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [2008-07-17 89024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-09-08 1235736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-03-11 202544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
C:\Program Files\Eraser\Eraser.exe [2007-12-23 916240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-14 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-04 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\PROGRA~1\ICQ6\ICQ.exe [2008-08-24 173304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mozilla Thunderbird]
C:\Program Files\Mozilla Thunderbird\thunderbird.exe [2008-08-08 8496752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
C:\Program Files\Dell\MediaDirect\PCMService.exe [2008-01-14 132392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files\PDFDrucker\PDFPrintBackend.exe [2005-07-03 71080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SightSpeed]
C:\Program Files\Dell Video Chat\DellVideoChat.exe [2008-02-21 4819256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-05-30 21718312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-08-27 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-07-09 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^IR_SERVER.lnk]
C:\PROGRA~1\PC-TV\WINMAN~1\IR_SER~1.EXE [2007-04-16 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinManager.lnk]
C:\PROGRA~1\PC-TV\WINMAN~1\WINMAN~1.EXE [2007-03-30 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StarOffice 8.lnk]
C:\PROGRA~1\Sun\STAROF~1\program\QUICKS~1.EXE [2005-06-21 122880]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe
TMMonitor.lnk - C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-07-14 10536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fceda4ca-51b2-11dd-8c02-806e6f6e6963}]
shell\AutoRun\command - E:\setup.exe


======File associations======

.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2008-09-19 14:09:16 ----D---- C:\rsit
2008-09-18 21:24:05 ----D---- C:\Users\Lukas\AppData\Roaming\ASCOMP Software
2008-09-18 21:23:58 ----D---- C:\Program Files\ASCOMP Software
2008-09-18 20:55:32 ----D---- C:\Program Files\Trend Micro
2008-09-18 13:40:08 ----D---- C:\Program Files\NeoSmart Technologies
2008-09-17 22:32:24 ----D---- C:\Program Files\Countdown
2008-09-17 22:30:37 ----A---- C:\Windows\system32\Stkit432.dll
2008-09-17 22:30:37 ----A---- C:\Windows\system32\Mfcans32.dll
2008-09-17 22:30:37 ----A---- C:\Windows\system32\Dzip32.dll
2008-09-17 22:30:36 ----A---- C:\Windows\system32\Oc30.dll
2008-09-17 22:30:36 ----A---- C:\Windows\system32\Msvbvm50.dll
2008-09-17 22:30:34 ----D---- C:\Program Files\MinMan
2008-09-17 22:30:29 ----A---- C:\Windows\uninst.exe
2008-09-17 22:30:22 ----D---- C:\WebCD
2008-09-15 20:30:04 ----D---- C:\Program Files\TVAnts
2008-09-15 20:18:23 ----A---- C:\Windows\system32\msimsg.dll
2008-09-15 20:18:23 ----A---- C:\Windows\system32\msihnd.dll
2008-09-15 20:18:23 ----A---- C:\Windows\system32\msiexec.exe
2008-09-15 20:18:22 ----A---- C:\Windows\system32\msi.dll
2008-09-15 20:12:39 ----SHD---- C:\Config.Msi
2008-09-15 19:36:50 ----A---- C:\Windows\system32\XAudio2_1.dll
2008-09-15 19:36:50 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2008-09-15 19:36:49 ----A---- C:\Windows\system32\xactengine3_1.dll
2008-09-15 19:36:49 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2008-09-15 19:36:48 ----A---- C:\Windows\system32\d3dx10_38.dll
2008-09-15 19:36:48 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2008-09-15 19:36:47 ----A---- C:\Windows\system32\XAudio2_0.dll
2008-09-15 19:36:47 ----A---- C:\Windows\system32\D3DX9_38.dll
2008-09-15 19:36:46 ----A---- C:\Windows\system32\xactengine3_0.dll
2008-09-15 19:36:45 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2008-09-15 19:36:45 ----A---- C:\Windows\system32\d3dx10_37.dll
2008-09-15 19:36:45 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2008-09-15 19:36:44 ----A---- C:\Windows\system32\D3DX9_37.dll
2008-09-15 19:36:43 ----A---- C:\Windows\system32\xactengine2_10.dll
2008-09-15 19:36:42 ----A---- C:\Windows\system32\d3dx10_36.dll
2008-09-15 19:36:42 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2008-09-15 19:36:41 ----A---- C:\Windows\system32\d3dx9_36.dll
2008-09-15 19:36:40 ----A---- C:\Windows\system32\xactengine2_9.dll
2008-09-15 19:36:39 ----A---- C:\Windows\system32\d3dx10_35.dll
2008-09-15 19:36:39 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2008-09-15 19:36:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2008-09-15 19:36:37 ----A---- C:\Windows\system32\xactengine2_8.dll
2008-09-15 19:36:37 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2008-09-15 19:36:36 ----A---- C:\Windows\system32\d3dx10_34.dll
2008-09-15 19:36:36 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2008-09-15 19:36:35 ----A---- C:\Windows\system32\xinput1_3.dll
2008-09-15 19:36:35 ----A---- C:\Windows\system32\d3dx9_34.dll
2008-09-15 19:36:34 ----A---- C:\Windows\system32\xactengine2_7.dll
2008-09-15 19:36:33 ----A---- C:\Windows\system32\d3dx10_33.dll
2008-09-15 19:36:33 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2008-09-15 19:36:32 ----A---- C:\Windows\system32\d3dx9_33.dll
2008-09-15 19:36:31 ----A---- C:\Windows\system32\xactengine2_6.dll
2008-09-15 19:36:31 ----A---- C:\Windows\system32\xactengine2_5.dll
2008-09-15 19:36:30 ----A---- C:\Windows\system32\d3dx10.dll
2008-09-15 19:36:29 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-09-15 19:36:28 ----A---- C:\Windows\system32\xactengine2_4.dll
2008-09-15 19:36:28 ----A---- C:\Windows\system32\x3daudio1_1.dll
2008-09-15 19:36:28 ----A---- C:\Windows\system32\d3dx9_31.dll
2008-09-15 19:36:27 ----A---- C:\Windows\system32\xinput1_2.dll
2008-09-15 19:36:27 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-09-15 19:36:26 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-09-15 19:31:03 ----D---- C:\Program Files\Ubisoft
2008-09-13 19:31:10 ----D---- C:\Program Files\ICQ6
2008-09-12 16:47:45 ----D---- C:\Windows\system32\vmm32
2008-09-10 18:37:07 ----D---- C:\Users\Lukas\AppData\Roaming\ArcSoft
2008-09-10 18:36:48 ----D---- C:\Program Files\Common Files\ArcSoft
2008-09-10 18:36:02 ----D---- C:\Program Files\ArcSoft
2008-09-10 18:36:02 ----A---- C:\Windows\system32\unicows.dll
2008-09-10 18:26:18 ----D---- C:\Program Files\Realtek
2008-09-10 18:25:26 ----D---- C:\Users\Lukas\AppData\Roaming\InstallShield
2008-09-10 18:25:03 ----D---- C:\USB_Digital-TV_Receiver
2008-09-10 14:47:58 ----A---- C:\Windows\system32\schedlog.txt
2008-09-10 13:49:15 ----D---- C:\Windows\Cache
2008-09-10 07:41:03 ----HD---- C:\ProgramData\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}
2008-09-10 07:40:53 ----D---- C:\Program Files\Eraser
2008-09-10 03:56:56 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-09-10 03:56:56 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-09-10 03:56:44 ----A---- C:\Windows\system32\wmpeffects.dll
2008-09-10 03:56:43 ----A---- C:\Windows\system32\emdmgmt.dll
2008-09-10 03:56:42 ----A---- C:\Windows\system32\dataclen.dll
2008-09-10 03:56:42 ----A---- C:\Windows\system32\cdd.dll
2008-09-09 21:48:09 ----D---- C:\Program Files\E.M. DVD Copy
2008-09-09 17:33:48 ----D---- C:\Program Files\Common Files\MaierSoft
2008-09-09 17:33:47 ----D---- C:\Program Files\SimilarImages
2008-09-09 16:36:11 ----D---- C:\Program Files\SCi
2008-09-09 13:22:42 ----HD---- C:\$AVG8.VAULT$
2008-09-08 21:35:17 ----A---- C:\Windows\system32\avgrsstx.dll
2008-09-08 18:25:58 ----D---- C:\Users\Lukas\AppData\Roaming\JGoodies
2008-09-08 18:25:32 ----D---- C:\Program Files\JGoodies
2008-09-07 20:52:59 ----D---- C:\Program Files\PDFDrucker
2008-09-07 15:49:44 ----D---- C:\Program Files\FTP Commander
2008-09-07 15:44:23 ----D---- C:\Users\Lukas\AppData\Roaming\ESTsoft
2008-09-07 15:44:23 ----D---- C:\ProgramData\ESTsoft
2008-09-07 15:44:15 ----D---- C:\Program Files\ESTsoft
2008-09-07 15:30:21 ----D---- C:\Program Files\MSA
2008-09-07 15:30:19 ----D---- C:\Program Files\PCHealthCenter
2008-09-07 15:26:01 ----D---- C:\Users\Lukas\AppData\Roaming\SmartFTP
2008-09-07 15:25:27 ----D---- C:\Program Files\SmartFTP Client
2008-09-07 15:24:54 ----D---- C:\Program Files\SmartFTP Client 3.0 Setup Files
2008-09-07 15:20:11 ----D---- C:\Program Files\WinSCP
2008-09-07 14:30:10 ----D---- C:\Users\Lukas\AppData\Roaming\FileZilla
2008-09-07 14:29:50 ----D---- C:\Program Files\FileZilla FTP Client
2008-09-07 12:52:39 ----A---- C:\Windows\system32\MPFServiceFailureCount.txt
2008-09-07 00:59:04 ----D---- C:\ProgramData\Avg8
2008-09-07 00:37:54 ----HD---- C:\Windows\Icons
2008-09-07 00:23:02 ----D---- C:\ProgramData\Avira
2008-09-07 00:23:02 ----D---- C:\Program Files\Avira
2008-09-05 21:15:55 ----D---- C:\Downloads
2008-09-03 14:01:40 ----D---- C:\Program Files\Smart Projects
2008-09-03 13:42:25 ----D---- C:\Users\Lukas\AppData\Roaming\InfraRecorder
2008-09-03 13:42:18 ----D---- C:\Program Files\InfraRecorder
2008-09-03 13:39:43 ----A---- C:\Windows\ODBC.INI
2008-09-03 13:39:35 ----A---- C:\Windows\system32\mdimon.dll
2008-09-03 13:34:35 ----D---- C:\Program Files\Common Files\DESIGNER
2008-09-03 13:33:11 ----D---- C:\Program Files\Microsoft.NET
2008-09-03 13:29:23 ----RHD---- C:\MSOCache
2008-09-02 22:09:49 ----D---- C:\Users\Lukas\AppData\Roaming\StarOffice8
2008-09-02 21:50:28 ----D---- C:\Program Files\MP3Gain
2008-09-02 21:34:10 ----D---- C:\Program Files\Sun
2008-09-02 21:16:51 ----D---- C:\Users\Lukas\AppData\Roaming\PPLive
2008-09-02 21:15:48 ----D---- C:\Program Files\PPLive
2008-09-01 16:34:44 ----A---- C:\Windows\system32\ShellManager310E2D762.dll
2008-09-01 16:14:27 ----D---- C:\ubuntu-backup
2008-08-31 18:27:18 ----D---- C:\Program Files\HWiNFO32
2008-08-31 18:17:59 ----D---- C:\Program Files\Acon Digital Media
2008-08-31 18:02:36 ----D---- C:\Program Files\FolderSize
2008-08-31 16:23:03 ----D---- C:\Program Files\AVG
2008-08-29 21:51:21 ----A---- C:\Bild-de BildschirmschonerTrace.txt
2008-08-29 21:51:05 ----D---- C:\Windows\system32\Bild-de Bildschirmschoner dir
2008-08-28 22:48:59 ----A---- C:\Windows\Carry_It_Easy-v1.6.1.7.INI
2008-08-27 21:26:43 ----D---- C:\ProgramData\Google Updater
2008-08-25 17:07:38 ----D---- C:\Users\Lukas\AppData\Roaming\DivX
2008-08-25 16:21:20 ----D---- C:\Users\Lukas\AppData\Roaming\UseNeXT
2008-08-25 16:21:17 ----D---- C:\Program Files\Usenet.to
2008-08-25 15:09:18 ----D---- C:\Users\Lukas\AppData\Roaming\Verimount
2008-08-25 15:09:06 ----D---- C:\Program Files\Verimount
2008-08-23 23:52:42 ----D---- C:\Program Files\DivX
2008-08-23 23:14:01 ----D---- C:\Program Files\Veoh Networks
2008-08-22 23:44:16 ----D---- C:\Windows\Minidump
2008-08-22 23:43:21 ----A---- C:\Windows\ntbtlog.txt
2008-08-22 20:55:40 ----D---- C:\Program Files\Giant
2008-08-22 13:51:38 ----D---- C:\Program Files\Apple Software Update
2008-08-22 13:51:19 ----D---- C:\Users\Lukas\AppData\Roaming\Apple Computer
2008-08-22 13:50:49 ----D---- C:\Program Files\iPod
2008-08-22 13:50:46 ----D---- C:\Program Files\iTunes
2008-08-22 13:50:34 ----D---- C:\Program Files\Bonjour
2008-08-22 13:49:20 ----D---- C:\Program Files\Common Files\Apple
2008-08-21 21:26:51 ----A---- C:\Windows\system32\bosskey.ini
2008-08-21 10:05:17 ----A---- C:\Windows\system32\wups2.dll
2008-08-21 10:05:17 ----A---- C:\Windows\system32\wucltux.dll
2008-08-21 10:05:17 ----A---- C:\Windows\system32\wuaueng.dll
2008-08-21 10:05:17 ----A---- C:\Windows\system32\wuauclt.exe
2008-08-21 10:04:48 ----A---- C:\Windows\system32\wups.dll
2008-08-21 10:04:48 ----A---- C:\Windows\system32\wudriver.dll
2008-08-21 10:04:48 ----A---- C:\Windows\system32\wuapi.dll
2008-08-21 10:04:37 ----A---- C:\Windows\system32\wuwebv.dll
2008-08-21 10:04:37 ----A---- C:\Windows\system32\wuapp.exe
2008-08-21 07:30:35 ----D---- C:\Program Files\RocketDock
2008-08-20 22:51:53 ----D---- C:\Program Files\MSXML 4.0
2008-08-20 21:26:50 ----D---- C:\Users\Lukas\AppData\Roaming\Printer Info Cache
2008-08-20 21:26:50 ----D---- C:\Users\Lukas\AppData\Roaming\Image Zone Express
2008-08-20 21:12:34 ----D---- C:\Users\Lukas\AppData\Roaming\HP
2008-08-20 21:12:34 ----D---- C:\ProgramData\WEBREG
2008-08-20 21:11:42 ----D---- C:\ProgramData\HPSSUPPLY
2008-08-20 21:09:12 ----D---- C:\Program Files\Hewlett-Packard
2008-08-20 21:09:12 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-08-20 21:08:53 ----D---- C:\Program Files\Common Files\HP
2008-08-20 20:52:32 ----D---- C:\Program Files\HP
2008-08-20 20:48:03 ----D---- C:\ProgramData\HP
2008-08-20 20:47:59 ----A---- C:\Windows\system32\hpzids01.dll
2008-08-20 20:47:58 ----A---- C:\Windows\system32\hpovst01.dll
2008-08-20 20:47:58 ----A---- C:\Windows\system32\hpotscl1.dll

======List of files/folders modified in the last 1 months======

2008-09-19 14:10:55 ----D---- C:\Windows\Temp
2008-09-19 13:47:59 ----D---- C:\Program Files\Mozilla Firefox
2008-09-19 05:22:56 ----SHD---- C:\System Volume Information
2008-09-18 22:33:12 ----D---- C:\Windows\System32
2008-09-18 22:33:12 ----D---- C:\Windows\inf
2008-09-18 22:33:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-09-18 21:23:58 ----RD---- C:\Program Files
2008-09-18 00:02:04 ----D---- C:\Windows\system32\catroot2
2008-09-17 22:30:48 ----AD---- C:\Windows
2008-09-16 14:51:59 ----D---- C:\Windows\Prefetch
2008-09-16 07:39:09 ----D---- C:\Windows\registration
2008-09-15 21:43:41 ----D---- C:\Windows\system32\uk-UA
2008-09-15 21:43:41 ----D---- C:\Windows\system32\tr-TR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\th-TH
2008-09-15 21:43:41 ----D---- C:\Windows\system32\sv-SE
2008-09-15 21:43:41 ----D---- C:\Windows\system32\sr-Latn-CS
2008-09-15 21:43:41 ----D---- C:\Windows\system32\sl-SI
2008-09-15 21:43:41 ----D---- C:\Windows\system32\pt-PT
2008-09-15 21:43:41 ----D---- C:\Windows\system32\pt-BR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\pl-PL
2008-09-15 21:43:41 ----D---- C:\Windows\system32\nl-NL
2008-09-15 21:43:41 ----D---- C:\Windows\system32\ko-KR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\it-IT
2008-09-15 21:43:41 ----D---- C:\Windows\system32\hu-HU
2008-09-15 21:43:41 ----D---- C:\Windows\system32\hr-HR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\he-IL
2008-09-15 21:43:41 ----D---- C:\Windows\system32\fr-FR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\fi-FI
2008-09-15 21:43:41 ----D---- C:\Windows\system32\es-ES
2008-09-15 21:43:41 ----D---- C:\Windows\system32\el-GR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\bg-BG
2008-09-15 21:43:40 ----D---- C:\Windows\system32\zh-TW
2008-09-15 21:43:40 ----D---- C:\Windows\system32\zh-CN
2008-09-15 21:43:40 ----D---- C:\Windows\system32\sk-SK
2008-09-15 21:43:40 ----D---- C:\Windows\system32\ru-RU
2008-09-15 21:43:40 ----D---- C:\Windows\system32\ro-RO
2008-09-15 21:43:40 ----D---- C:\Windows\system32\nb-NO
2008-09-15 21:43:40 ----D---- C:\Windows\system32\lv-LV
2008-09-15 21:43:40 ----D---- C:\Windows\system32\lt-LT
2008-09-15 21:43:40 ----D---- C:\Windows\system32\ja-JP
2008-09-15 21:43:40 ----D---- C:\Windows\system32\et-EE
2008-09-15 21:43:40 ----D---- C:\Windows\system32\en-US
2008-09-15 21:43:40 ----D---- C:\Windows\system32\de-DE
2008-09-15 21:43:40 ----D---- C:\Windows\system32\da-DK
2008-09-15 21:43:40 ----D---- C:\Windows\system32\cs-CZ
2008-09-15 21:43:40 ----D---- C:\Windows\system32\ar-SA
2008-09-15 20:20:09 ----D---- C:\Windows\winsxs
2008-09-15 20:19:47 ----D---- C:\Windows\system32\catroot
2008-09-15 20:13:59 ----SHD---- C:\Windows\Installer
2008-09-15 20:13:34 ----D---- C:\Program Files\TuneUp Utilities 2008
2008-09-15 19:36:25 ----RSD---- C:\Windows\assembly
2008-09-15 19:35:00 ----D---- C:\Windows\Logs
2008-09-15 19:32:58 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-13 19:05:06 ----D---- C:\Windows\pss
2008-09-13 00:07:58 ----D---- C:\Users\Lukas\AppData\Roaming\skypePM
2008-09-12 23:57:55 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2008-09-12 18:15:51 ----D---- C:\Windows\Tasks
2008-09-12 18:13:02 ----D---- C:\Windows\system32\Tasks
2008-09-12 16:59:17 ----HD---- C:\ProgramData
2008-09-12 16:52:31 ----D---- C:\Windows\system32\drivers
2008-09-12 16:49:36 ----D---- C:\DELL
2008-09-12 16:47:45 ----D---- C:\Program Files\Dell
2008-09-12 15:53:26 ----D---- C:\Windows\system32\wbem
2008-09-12 15:52:31 ----D---- C:\Windows\system32\config
2008-09-12 15:52:21 ----D---- C:\Windows\system32\spool
2008-09-10 18:36:48 ----D---- C:\Program Files\Common Files
2008-09-10 18:35:56 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-10 07:01:19 ----D---- C:\Windows\AppPatch
2008-09-09 16:50:12 ----D---- C:\Program Files\Microsoft Games
2008-09-09 14:37:27 ----SD---- C:\ProgramData\Microsoft
2008-09-08 21:35:41 ----RD---- C:\Users
2008-09-08 21:34:30 ----SD---- C:\Users\Lukas\AppData\Roaming\Microsoft
2008-09-08 16:22:52 ----D---- C:\Users\Lukas\AppData\Roaming\ICQ
2008-09-07 15:35:34 ----HD---- C:\Windows\system32\GroupPolicy
2008-09-07 12:54:22 ----D---- C:\Program Files\sfg
2008-09-05 23:19:00 ----RSD---- C:\Windows\Fonts
2008-09-05 03:02:15 ----D---- C:\Program Files\Common Files\microsoft shared
2008-09-04 21:26:19 ----A---- C:\Windows\ulead32.ini
2008-09-03 13:36:30 ----D---- C:\Windows\ShellNew
2008-09-03 13:34:42 ----D---- C:\Program Files\Microsoft Office
2008-09-03 13:29:34 ----D---- C:\Windows\system
2008-09-01 16:36:28 ----D---- C:\Program Files\Common Files\Nero
2008-09-01 16:36:26 ----D---- C:\ProgramData\Nero
2008-09-01 16:33:56 ----A---- C:\Windows\system32\MsiExec.exe.log
2008-09-01 16:16:33 ----D---- C:\Program Files\EA Sports
2008-08-31 20:02:52 ----A---- C:\Windows\NeroDigital.ini
2008-08-31 18:02:04 ----D---- C:\Program Files\Google
2008-08-31 17:22:00 ----D---- C:\Users\Lukas\AppData\Roaming\OpenOffice.org2
2008-08-27 22:34:24 ----A---- C:\Windows\win.ini
2008-08-27 22:33:18 ----D---- C:\Windows\twain_32
2008-08-27 21:29:39 ----D---- C:\Users\Lukas\AppData\Roaming\Google
2008-08-26 22:28:12 ----A---- C:\Windows\system32\mrt.exe
2008-08-25 19:49:12 ----D---- C:\Users\Lukas\AppData\Roaming\BitTorrent
2008-08-23 23:53:06 ----D---- C:\Program Files\Common Files\PX Storage Engine
2008-08-23 23:13:36 ----D---- C:\Windows\Downloaded Installations
2008-08-23 11:19:22 ----H---- C:\Windows\sysmf4.dll
2008-08-22 22:38:33 ----D---- C:\Windows\rescache
2008-08-22 20:54:54 ----D---- C:\Program Files\Common Files\InstallShield
2008-08-22 13:50:46 ----D---- C:\ProgramData\Apple Computer
2008-08-22 03:05:47 ----SHD---- C:\Boot
2008-08-21 18:03:12 ----A---- C:\crashAddress.txt
2008-08-20 20:54:11 ----D---- C:\Program Files\Ulead Systems

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-09-08 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-09-08 26824]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2008-07-16 24392]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R2 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS [2008-07-22 15976]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-03-11 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-03-11 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2008-03-11 38400]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-07-16 99648]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-03-11 164400]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-05-04 3548672]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-03-12 18424]
R3 BCM43XX;Treiber für Dell Wireless WLAN Karte; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-03-12 1205240]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 Dot4;MS IEEE-1284.4-Treiber; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
R3 Dot4Print;Druckerklassentreiber für IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-03-11 203264]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-03-14 374784]
R3 StillCam;Treiber für serielle Digitalkamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
R3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 AvgWfpX;AVG8 Firewall Driver x86; C:\Windows\System32\Drivers\avgwfpx.sys [2008-09-08 69128]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys []
S3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2007-11-22 79304]
S3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2007-11-22 35240]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2007-12-02 40488]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-05-04 3548672]
S3 RTL2831UBDA;REALTEK 2831U BDA Driver; C:\Windows\system32\drivers\RTL2831UBDA.sys [2007-04-13 62720]
S3 RTL2831UUSB;REALTEK 2831U USB Driver; C:\Windows\System32\Drivers\RTL2831UUSB.sys [2007-04-13 24064]
S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088]
S3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2008-01-21 251904]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Planer; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-09-07 149761]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-05-04 667648]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\STacSV.exe [2008-03-14 221239]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-03-12 24064]
S2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe []
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe []
S2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe []
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe []
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe []
S3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\aestsrv.exe [2008-03-14 73728]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
S4 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-08 875288]
S4 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-08 231704]
S4 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
S4 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2006-08-11 200704]
S4 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2007-11-14 131072]
S4 GoogleDesktopManager-010708-104812;Google Desktop Manager 5.7.801.7324; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-14 29744]
S4 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [2008-07-14 16680]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-27 137200]
S4 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
S4 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
S4 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
S4 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-03-11 202544]
S4 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-12-02 74384]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-03-13 49152]

-----------------EOF-----------------

Code:

info.txt logfile of random's system information tool 1.02 2008-09-19 14:09:34

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
3GP Movie Studio 1.0.1-->"C:\Program Files\Acon Digital Media\3GP Movie Studio\unins000.exe"
50 FREE MP3s +1 Free Audiobook!-->"C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81200000003}
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
Age of Empires III Trial-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C83F2952-4678-4F00-AB05-776658A8D0AE} 
ALFTP-->"C:\Program Files\ESTsoft\ALFTP\unins000.exe"
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft TotalMedia 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14172CB3-0AA7-4276-8C74-8C0441336047}\Setup.exe" -l0x7 
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x7 
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Common Files\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Tools 5.6-->"C:\Program Files\AVSMedia\VideoTools\unins000.exe"
Bild-de Bildschirmschoner Bildschirmschoner-->C:\Windows\system32\Bild-de Bildschirmschoner.scr /u
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
CamStudio-->C:\Program Files\CamStudio\uninstall.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5}
Cisco EAP-FAST Module-->MsiExec.exe /I{6D3963B0-E13B-4FC3-B0FF-506A304BB043}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Compatibility Pack für 2007 Office System-->MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE}
Converter-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Converter\ST6UNST.LOG"  
Countdown Anytime-->C:\Programme\Countdown\SXUNINST.EXE
Dell Handbuch zum Einstieg-->MsiExec.exe /I{FD023F61-65E9-465C-B558-7C64EB2B97E6}
Dell Resource CD-->MsiExec.exe /X{42929F0F-CE14-47AF-9FC7-FF297A603021}
Dell Support Center-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
Dell Video Chat (remove only)-->C:\Program Files\Dell Video Chat\uninst.exe
Desert Storm-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FB2CE8C-E86C-4368-B3C9-F472898F926E}\Setup.exe" -l0x7 
Die Siedler - Aufbruch der Kulturen-->"C:\Program Files\Ubisoft\Die Siedler - Aufbruch der Kulturen\uninstall.exe"
Die Sims - Megastar-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A7F8DF6-5A3E-4CDF-BC82-BE26B407E21B}\Setup.exe"  -l0007
Dienstprogramm für Dell Wireless WLAN Karte-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
DigitalTV-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C19DBE5E-712E-4F02-8380-ECEDD951B374}\setup.exe" -l0x7 
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
doPDF 6.1  printer-->"C:\Program Files\Softland\doPDF 6\unins000.exe"
DVD-lab 1.3.1-->"C:\Program Files\DVDlab\unins000.exe"
E.M. DVD Copy 2.30-->"C:\Program Files\E.M. DVD Copy\unins000.exe"
EasyBCD 1.7.2-->C:\Program Files\NeoSmart Technologies\EasyBCD\uninstall.exe
EDocs-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}\setup.exe" 
Eraser-->"C:\ProgramData\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}\EraserSetup32.exe" REMOVE=TRUE MODIFY=FALSE
Eraser-->C:\ProgramData\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}\EraserSetup32.exe
FIFA 08-->MsiExec.exe /X{0A2A5039-B37F-489D-B1DC-A5258DF9E697}
Firstload Ikarus-->C:\Program Files\Verimount\FirstloadIkarus\Uninstall.exe
FLV Player 2.0, build 24-->C:\Program Files\FLV Player\uninst.exe
Folder Size for Windows-->MsiExec.exe /I{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}
FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
FTP Commander-->C:\Program Files\FTP Commander\uninstall.exe
FUSSBALL MANAGER 07-->C:\Program Files\EA SPORTS\FUSSBALL MANAGER 07\EAUninstall.exe
GameShadow-->MsiExec.exe /I{5A2F371F-8B5D-46B4-833C-0612B065BEC7}
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth Pro-->MsiExec.exe /X{14630FF9-172D-4F71-85D2-E565FF92B2A5}
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Gears-->MsiExec.exe /I{552171BC-30F8-3B29-9C4F-E3FE590B7CAC}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
GoToAssist 8.0.0.514-->C:\Program Files\Citrix\GoToAssist\514\G2AUninstaller.exe /uninstall
Grewe Scanner-Interface 3.0-->"C:\Program Files\Grewe\Scanner-Interface\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 8.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B-->C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
HWiNFO32 Version 2.20-->"C:\Program Files\HWiNFO32\unins000.exe"
HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"
ICQ6-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
iDump (Backing up your iPod)-->C:\Program Files\iDump\uninstall.exe
InfraRecorder-->C:\Program Files\InfraRecorder\uninstall.exe
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
IsoBuster 2.4-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
ITECIR Driver-->C:\Program Files\InstallShield Installation Information\{FCED9B62-34FF-4C15-8A23-F65221F7874D}\setup.exe -runfromtemp -l0x0007 -removeonly
iTunes-->MsiExec.exe /I{3DE0053C-FD9A-483E-B7C9-B06E4392206E}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
JGoodies JDiskReport 1.3.1-->"C:\Program Files\JGoodies\JDiskReport 1.3.1\uninstall.exe"
LEGO Star Wars-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{E914A24F-2412-4374-B420-86D21D6D444A} 
MediaDirect-->C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\setup.exe -runfromtemp -l0x0007 -cluninstall
Microsoft Office PowerPoint Viewer 2007 (German)-->MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{39D0E034-1042-4905-BECB-5502909FCB7C}
MinuteMan-->C:\Windows\uninst.exe -f"C:\Program Files\MinMan\DeIsL1.isu"  -c"C:\Program Files\MinMan\_ISREG32.DLL"
Movavi VideoSuite 5-->MsiExec.exe /I{7BE667F1-6643-4469-A830-6C360B1A036F}
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.16)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OpenOffice.org 2.4-->MsiExec.exe /I{CCD90636-D97D-4130-A44A-3AD4E63B9220}
PDFDrucker sponsored by ebuero-->"C:\Program Files\PDFDrucker\unins000.exe"
phase6_19-->MsiExec.exe /X{65D70656-D248-4C83-B594-E3029C43B37A}
PPLive 1.9-->C:\Program Files\PPLive\uninst.exe
QuickSet-->MsiExec.exe /I{C4972073-2BFE-475D-8441-564EA97DA161}
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
REALTEK DVB-T USB DEVICE-->C:\Program Files\InstallShield Installation Information\{19EEBA23-580F-442A-9D53-D2B874630EEA}\setup.exe -runfromtemp -l0x0007 -removeonly
Recuva (remove only)-->"G:\Recuva\uninst.exe"
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
Roxio Creator Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Creator Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Creator Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Creator DE-->C:\ProgramData\Uninstall\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}\setup.exe /x {09760D42-E223-42AD-8C3E-55B47D0DDAC3}
Roxio Creator DE-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Creator Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Secure Eraser v2.2-->"C:\Program Files\ASCOMP Software\Secure Eraser\unins000.exe"
SimilarImages-->"C:\Program Files\SimilarImages\Uninstall.exe"
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartFTP Client 3.0 Setup Files (remove only)-->C:\Program Files\SmartFTP Client 3.0 Setup Files\uninst-sftp.exe
StarOffice 8-->MsiExec.exe /I{9FE15B75-8AD9-4A6F-A57A-7E7C03C4CBEB}
Stronghold Crusader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C3727F2-8E37-49E4-820C-03B1677F53B6}\Setup.exe" 
Stronghold Legends-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66A405D2-BA14-4594-BF36-B3B544F0754E}\setup.exe" -l0x7  -removeonly
Sumatra PDF reader-->"C:\Program Files\SumatraPDF\uninstall.exe"
The Italian Job-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B58561BB-0425-458C-B9C4-44618814BA70}\Setup.exe" -l0x7 
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
Ulead DVD MovieFactory 6 TBYB-->C:\Program Files\InstallShield Installation Information\{CCC4E428-411E-4605-B515-317D50ABD477}\setup.exe -runfromtemp -l0x0407
Ulead DVD Player 2.0 Trial-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E5C13A44-7C32-4CBB-B318-518B54F834C5}\setup.exe" -l0x7 
Ulead FilmBrennerei 4.0 Deluxe Testversion-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{448AB2CB-C94A-47DE-80B8-9D7824DEFA57}\setup.exe" -l0x7 
Usenet.to-->"C:\Program Files\Usenet.to\unins000.exe"
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live installer-->MsiExec.exe /X{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}
Windows Live Messenger-->MsiExec.exe /X{2B091530-69AA-442E-AB09-39ED06B58220}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinSCP 4.1.6-->"C:\Program Files\WinSCP\unins000.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
ZW Net Send Manager (NSM) 2.0-->"C:\Program Files\ZW Net Send Manager (NSM)\unins000.exe"

======Security center information======

AV: AVG Anti-Virus
AS: AVG Anti-Virus (disabled)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Smart Projects\IsoBuster
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

[Petra]

Hast Du McAfee (die Ordner) gelöscht oder ordentlich über Systemsteuerung => Software deinstalliert?

[conte]

Hast Du McAfee (die Ordner) gelöscht oder ordentlich über Systemsteuerung => Software deinstalliert?

erst über software, dann der ordner, der noch bestand

Hier die scanlist von punkt 3

[code]

Code:

 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                        º                                    º 
                                    hjtscanlist v2.0              
                        º                                    º 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

Microsoft Windows [Version 6.0.6001]
 
 
C:

  19.09.2008 14:09     C:\rsit --------- 0   
  19.09.2008 05:22     C:\System Volume Information --------- 20480   
       C:\hiberfil.sys ---------    
       C:\pagefile.sys ---------    
  18.09.2008 21:23     C:\Program Files --------- 32768   
  17.09.2008 22:30     C:\Windows --------- 32768   
  17.09.2008 22:30     C:\IO.SYS --------- 0   
  17.09.2008 22:30     C:\MSDOS.SYS --------- 0   
  17.09.2008 22:30     C:\WebCD --------- 0   
  15.09.2008 21:44     C:\Config.Msi --------- 0   
  12.09.2008 16:59     C:\ProgramData --------- 8192   
  12.09.2008 16:49     C:\DELL --------- 8192   
  10.09.2008 18:25     C:\USB_Digital-TV_Receiver --------- 4096   
  10.09.2008 13:41     C:\$AVG8.VAULT$ --------- 0   
  08.09.2008 21:35     C:\Users --------- 20480   
  07.09.2008 15:15     C:\Downloads --------- 4096   
  03.09.2008 13:29     C:\MSOCache --------- 0   
  01.09.2008 16:14     C:\config.sys --------- 10   
  01.09.2008 16:14     C:\ubuntu-backup --------- 0   
  29.08.2008 21:52     C:\Bild-de BildschirmschonerTrace.txt --------- 230   
  22.08.2008 03:05     C:\Boot --------- 4096   
  21.08.2008 18:03     C:\crashAddress.txt --------- 10748   
  07.08.2008 22:39     C:\test.log --------- 54178   
  02.08.2008 15:46     C:\$Recycle.Bin --------- 4096   
  17.07.2008 20:00     C:\Programme --------- 0   
  17.07.2008 20:00     C:\Dokumente und Einstellungen --------- 0   
  15.07.2008 00:39     C:\dell.sdr --------- 4190   
  15.07.2008 00:34     C:\Drivers --------- 0   
  15.07.2008 00:33     C:\doctemp --------- 0   
  21.01.2008 04:32     C:\PerfLogs --------- 0   
  21.01.2008 04:24     C:\bootmgr --------- 333203   
  18.09.2006 23:43     C:\autoexec.bat --------- 24   
  10.01.2005 16:44     C:\Launcher.ini --------- 2062   
----------------------------------------

 
C:\Windows

  19.09.2008 13:47     C:\Windows\ntbtlog.txt --------- 895624   
  19.09.2008 08:44     C:\Windows\bootstat.dat --------- 67584   
  19.09.2008 05:23     C:\Windows\WindowsUpdate.log --------- 1620168   
  18.09.2008 19:47     C:\Windows\PFRO.log --------- 8270   
  16.09.2008 21:44     C:\Windows\setupact.log --------- 784   
  16.09.2008 14:51     C:\Windows\comsetup.log --------- 489   
  12.09.2008 16:52     C:\Windows\DPINST.LOG --------- 53944   
  04.09.2008 22:22     C:\Windows\ODBC.INI --------- 400   
  04.09.2008 21:26     C:\Windows\ulead32.ini --------- 196   
  31.08.2008 20:02     C:\Windows\NeroDigital.ini --------- 69   
  31.08.2008 15:02     C:\Windows\Paul_Potts_-_Nessun_Dorma.mp3 --------- 5613696   
  28.08.2008 22:48     C:\Windows\Carry_It_Easy-v1.6.1.7.INI --------- 36   
  27.08.2008 22:34     C:\Windows\win.ini --------- 215   
  23.08.2008 11:19     C:\Windows\sysmf4.dll --------- 25   
  23.08.2008 11:19     C:\Windows\minghon.lai --------- 25   
  22.08.2008 23:44     C:\Windows\MEMORY.DMP --------- 250395765   
  22.08.2008 03:00     C:\Windows\msxml4-KB941833-enu.LOG --------- 267810   
  20.08.2008 22:52     C:\Windows\msxml4-KB936181-enu.LOG --------- 265950   
  20.08.2008 21:13     C:\Windows\hpoins19.dat --------- 164276   
  17.08.2008 18:20     C:\Windows\IniFile1.ini --------- 60   
  17.08.2008 17:16     C:\Windows\Setup1.exe --------- 249856   
  17.08.2008 17:16     C:\Windows\ST6UNST.EXE --------- 73216   
  29.07.2008 17:24     C:\Windows\BGInfo.bmp --------- 4096054   
  25.07.2008 19:15     C:\Windows\eReg.dat --------- 1111   
  17.07.2008 21:36     C:\Windows\nsreg.dat --------- 0   
  15.07.2008 00:39     C:\Windows\csup.txt --------- 12   
  14.07.2008 16:45     C:\Windows\ativpsrm.bin --------- 0   
  14.07.2008 15:56     C:\Windows\ocsetup_install_OEMHelpCustomization.etl --------- 26804224   
  14.07.2008 15:56     C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf --------- 196608   
  14.07.2008 15:56     C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx --------- 65536   
  04.05.2008 10:42     C:\Windows\atiogl.xml --------- 12477   
  21.01.2008 04:43     C:\Windows\WindowsShell.Manifest --------- 749   
  21.01.2008 04:24     C:\Windows\regedit.exe --------- 134656   
  21.01.2008 04:24     C:\Windows\bfsvc.exe --------- 58880   
  21.01.2008 04:24     C:\Windows\fveupdate.exe --------- 13312   
  21.01.2008 04:24     C:\Windows\explorer.exe --------- 2927104   
  21.01.2008 04:24     C:\Windows\HelpPane.exe --------- 498176   
  21.01.2008 04:23     C:\Windows\notepad.exe --------- 151040   
  13.03.2007 21:50     C:\Windows\hpomdl19.dat --------- 26952   
  27.02.2007 19:36     C:\Windows\WMSysPr8.prx --------- 156910   
  02.01.2007 17:27     C:\Windows\Twunk_16.dll --------- 12288   
  02.01.2007 17:27     C:\Windows\Twunk_32.dll --------- 12288   
  02.11.2006 14:52     C:\Windows\setuperr.log --------- 0   
  02.11.2006 14:47     C:\Windows\SETUPAPI.LOG --------- 94   
  02.11.2006 14:35     C:\Windows\WMSysPr9.prx --------- 316640   
  02.11.2006 14:34     C:\Windows\twunk_16.exe --------- 49680   
  02.11.2006 14:34     C:\Windows\twain_32.dll --------- 50688   
  02.11.2006 14:34     C:\Windows\twunk_32.exe --------- 31232   
  02.11.2006 14:34     C:\Windows\twain.dll --------- 94784   
  02.11.2006 11:45     C:\Windows\winhlp32.exe --------- 9216   
  02.11.2006 11:45     C:\Windows\hh.exe --------- 14848   
  02.11.2006 09:46     C:\Windows\mib.bin --------- 43131   
  07.10.2006 17:43     C:\Windows\x2.64.exe --------- 502784   
  19.09.2006 13:41     C:\Windows\HomePremium.xml --------- 8328   
  18.09.2006 23:46     C:\Windows\system.ini --------- 219   
  18.09.2006 23:43     C:\Windows\_default.pif --------- 707   
  18.09.2006 23:43     C:\Windows\winhelp.exe --------- 256192   
  18.09.2006 23:30     C:\Windows\msdfmap.ini --------- 1405   
  12.04.2006 09:47     C:\Windows\meta4.exe --------- 217073   
  05.04.2006 08:09     C:\Windows\MOTA113.exe --------- 66560   
  10.07.2003 00:07     C:\Windows\dvdrgn.exe --------- 57344   
  29.08.2002 18:41     C:\Windows\msvcp60.dll --------- 401462   
  17.03.2002 02:00     C:\Windows\amf4gtr --------- 7420   
  07.04.2000 11:10     C:\Windows\msvcrt.dll --------- 278581   
  06.02.1998 22:37     C:\Windows\uninst.exe --------- 299520   
----------------------------------------

 
C:\Windows\System

 02.11.2006 14:34      C:\Windows\System\mciseq.drv --------- 25264 
 02.11.2006 14:34      C:\Windows\System\mciwave.drv --------- 28160 
 02.11.2006 14:34      C:\Windows\System\avifile.dll --------- 109456 
 02.11.2006 14:34      C:\Windows\System\avicap.dll --------- 69584 
 02.11.2006 14:34      C:\Windows\System\mciavi.drv --------- 73376 
 02.11.2006 14:34      C:\Windows\System\msvideo.dll --------- 126912 
 02.11.2006 09:10      C:\Windows\System\OLESVR.DLL --------- 24064 
 02.11.2006 09:10      C:\Windows\System\WFWNET.DRV --------- 12704 
 02.11.2006 09:10      C:\Windows\System\COMMDLG.DLL --------- 32816 
 02.11.2006 09:10      C:\Windows\System\TIMER.DRV --------- 4048 
 02.11.2006 09:10      C:\Windows\System\MMSYSTEM.DLL --------- 68992 
 02.11.2006 09:10      C:\Windows\System\mmtask.tsk --------- 1152 
 02.11.2006 09:10      C:\Windows\System\mouse.drv --------- 2032 
 02.11.2006 09:10      C:\Windows\System\vga.drv --------- 2176 
 02.11.2006 09:10      C:\Windows\System\sound.drv --------- 1744 
 02.11.2006 09:10      C:\Windows\System\keyboard.drv --------- 2000 
 02.11.2006 09:10      C:\Windows\System\SHELL.DLL --------- 5120 
 02.11.2006 09:10      C:\Windows\System\system.drv --------- 3360 
 18.09.2006 23:43      C:\Windows\System\ver.dll --------- 9008 
 18.09.2006 23:43      C:\Windows\System\olecli.dll --------- 82944 
 18.09.2006 23:43      C:\Windows\System\lzexpand.dll --------- 9936 
 18.09.2006 23:35      C:\Windows\System\stdole.tlb --------- 5532 
----------------------------------------

 
C:\Windows\System32

 19.09.2008 12:44     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3616  
 19.09.2008 12:44     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3616  
 18.09.2008 22:33     C:\Windows\system32\perfh009.dat --------- 587178  
 18.09.2008 22:33     C:\Windows\system32\perfc009.dat --------- 101250  
 18.09.2008 22:33     C:\Windows\system32\perfh007.dat --------- 618442  
 18.09.2008 22:33     C:\Windows\system32\perfc007.dat --------- 122842  
 18.09.2008 22:33     C:\Windows\system32\PerfStringBackup.INI --------- 1418806  
 18.09.2008 22:27     C:\Windows\system32\schedlog.txt --------- 1591  
 18.09.2008 22:27     C:\Windows\system32\umstartup.etl --------- 49152  
 18.09.2008 22:13     C:\Windows\system32\umstartup000.etl --------- 70656  
 18.09.2008 00:02     C:\Windows\system32\catroot2 --------- 4096  
 15.09.2008 21:43     C:\Windows\system32\bg-BG --------- 0  
 15.09.2008 21:43     C:\Windows\system32\pt-BR --------- 0  
 15.09.2008 21:43     C:\Windows\system32\it-IT --------- 0  
 15.09.2008 21:43     C:\Windows\system32\he-IL --------- 0  
 15.09.2008 21:43     C:\Windows\system32\pt-PT --------- 0  
 15.09.2008 21:43     C:\Windows\system32\pl-PL --------- 0  
 15.09.2008 21:43     C:\Windows\system32\uk-UA --------- 0  
 15.09.2008 21:43     C:\Windows\system32\ko-KR --------- 0  
 15.09.2008 21:43     C:\Windows\system32\hr-HR --------- 0  
 15.09.2008 21:43     C:\Windows\system32\hu-HU --------- 0  
 15.09.2008 21:43     C:\Windows\system32\sl-SI --------- 0  
 15.09.2008 21:43     C:\Windows\system32\el-GR --------- 0  
 15.09.2008 21:43     C:\Windows\system32\nl-NL --------- 0  
 15.09.2008 21:43     C:\Windows\system32\fr-FR --------- 0  
 15.09.2008 21:43     C:\Windows\system32\fi-FI --------- 0  
 15.09.2008 21:43     C:\Windows\system32\sr-Latn-CS --------- 0  
 15.09.2008 21:43     C:\Windows\system32\tr-TR --------- 0  
 15.09.2008 21:43     C:\Windows\system32\th-TH --------- 0  
 15.09.2008 21:43     C:\Windows\system32\sv-SE --------- 0  
 15.09.2008 21:43     C:\Windows\system32\es-ES --------- 0  
 15.09.2008 21:43     C:\Windows\system32\lv-LV --------- 0  
 15.09.2008 21:43     C:\Windows\system32\lt-LT --------- 0  
 15.09.2008 21:43     C:\Windows\system32\zh-TW --------- 0  
 15.09.2008 21:43     C:\Windows\system32\sk-SK --------- 0  
 15.09.2008 21:43     C:\Windows\system32\et-EE --------- 0  
 15.09.2008 21:43     C:\Windows\system32\de-DE --------- 262144  
 15.09.2008 21:43     C:\Windows\system32\cs-CZ --------- 0  
 15.09.2008 21:43     C:\Windows\system32\zh-CN --------- 0  
 15.09.2008 21:43     C:\Windows\system32\ja-JP --------- 0  
 15.09.2008 21:43     C:\Windows\system32\ar-SA --------- 0  
 15.09.2008 21:43     C:\Windows\system32\ro-RO --------- 0  
 15.09.2008 21:43     C:\Windows\system32\ru-RU --------- 0  
 15.09.2008 21:43     C:\Windows\system32\nb-NO --------- 0  
 15.09.2008 21:43     C:\Windows\system32\da-DK --------- 0  
 15.09.2008 21:43     C:\Windows\system32\en-US --------- 4096  
 15.09.2008 20:19     C:\Windows\system32\catroot --------- 4096  
 12.09.2008 18:13     C:\Windows\system32\Tasks --------- 0  
 12.09.2008 16:52     C:\Windows\system32\drivers --------- 65536  
 12.09.2008 16:47     C:\Windows\system32\vmm32 --------- 0  
 12.09.2008 15:53     C:\Windows\system32\wbem --------- 65536  
 12.09.2008 15:52     C:\Windows\system32\config --------- 16384  
 12.09.2008 15:52     C:\Windows\system32\spool --------- 4096  
 08.09.2008 21:35     C:\Windows\system32\avgrsstx.dll --------- 10520  
 07.09.2008 15:35     C:\Windows\system32\GroupPolicy --------- 0  
 07.09.2008 12:52     C:\Windows\system32\MPFServiceFailureCount.txt --------- 27  
 07.09.2008 12:42     C:\Windows\system32\Config.MPF --------- 9515  
 07.09.2008 00:15     C:\Windows\system32\FNTCACHE.DAT --------- 400928  
 05.09.2008 03:12     C:\Windows\system32\null --------- 0  
 01.09.2008 16:33     C:\Windows\system32\MsiExec.exe.log --------- 188  
 29.08.2008 21:51     C:\Windows\system32\Bild-de Bildschirmschoner dir --------- 0  
 29.08.2008 21:51     C:\Windows\system32\Bild-de Bildschirmschoner.scr --------- 520192  
 26.08.2008 22:28     C:\Windows\system32\mrt.exe --------- 16208504  
 21.08.2008 21:26     C:\Windows\system32\bosskey.ini --------- 177  
 19.08.2008 14:17     C:\Windows\system32\Adobe --------- 0  
 18.08.2008 18:36     C:\Windows\system32\WDI --------- 8192  
 17.08.2008 14:02     C:\Windows\system32\MSWINSCK.OCX --------- 124688  
 13.08.2008 15:40     C:\Windows\system32\migration --------- 4096  
 05.08.2008 12:47     C:\Windows\system32\LogFiles --------- 4096  
 02.08.2008 05:26     C:\Windows\system32\cdd.dll --------- 36864  
 01.08.2008 17:22     C:\Windows\system32\Msdtc --------- 4096  
 31.07.2008 05:32     C:\Windows\system32\Apphlpdm.dll --------- 28160  
 31.07.2008 03:13     C:\Windows\system32\GameUXLegacyGDFs.dll --------- 4240384  
 25.07.2008 10:36     C:\Windows\system32\DivXsm.exe --------- 524288  
 25.07.2008 10:36     C:\Windows\system32\divxsm.tlb --------- 4816  
 25.07.2008 10:34     C:\Windows\system32\dpl100.dll --------- 81920  
 25.07.2008 10:34     C:\Windows\system32\dtu100.dll --------- 196608  
 25.07.2008 10:34     C:\Windows\system32\dpuGUI10.dll --------- 53248  
 25.07.2008 10:34     C:\Windows\system32\dpv11.dll --------- 57344  
 25.07.2008 10:34     C:\Windows\system32\dpu11.dll --------- 294912  
 25.07.2008 10:34     C:\Windows\system32\dpuGUI11.dll --------- 593920  
 25.07.2008 10:34     C:\Windows\system32\dpus11.dll --------- 344064  
 25.07.2008 10:34     C:\Windows\system32\dpu10.dll --------- 294912  
 25.07.2008 10:34     C:\Windows\system32\divx_xx07.dll --------- 823296  
 25.07.2008 10:34     C:\Windows\system32\divx_xx11.dll --------- 802816  
 25.07.2008 10:34     C:\Windows\system32\divx_xx0c.dll --------- 823296  
 25.07.2008 10:34     C:\Windows\system32\divx_xx0a.dll --------- 815104  
 25.07.2008 10:34     C:\Windows\system32\DivX.dll --------- 683520  
 25.07.2008 10:34     C:\Windows\system32\DivXCodecVersionChecker.exe --------- 161096  
 23.07.2008 18:50     C:\Windows\system32\dsm_de.qm --------- 10152  
 23.07.2008 18:50     C:\Windows\system32\qt-dx331.dll --------- 3596288  
 23.07.2008 18:50     C:\Windows\system32\pxmas.dll --------- 187128  
 23.07.2008 18:50     C:\Windows\system32\pxhpinst.exe --------- 72440  
 23.07.2008 18:50     C:\Windows\system32\pxdrv.dll --------- 518904  
 23.07.2008 18:50     C:\Windows\system32\pxsfs.dll --------- 1628920  
 23.07.2008 18:50     C:\Windows\system32\pxwave.dll --------- 379640  
 23.07.2008 18:50     C:\Windows\system32\pxcpya64.exe --------- 66296  
 23.07.2008 18:50     C:\Windows\system32\px.dll --------- 551672  
 23.07.2008 18:50     C:\Windows\system32\vxblock.dll --------- 88824  
 23.07.2008 18:50     C:\Windows\system32\pxinsa64.exe --------- 64760  
----------------------------------------

 
C:\Windows\Prefetch

 19.09.2008 14:01     C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 704431  
 19.09.2008 14:01     C:\Windows\Prefetch\AgGlFaultHistory.db --------- 282493  
 19.09.2008 14:01     C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 2087198  
 19.09.2008 14:01     C:\Windows\Prefetch\AgRobust.db --------- 482984  
 19.09.2008 13:34     C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1371751344-2137149050-2905294828-1000.db --------- 594597  
 19.09.2008 13:34     C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1371751344-2137149050-2905294828-1000.db --------- 2031354  
 19.09.2008 08:45     C:\Windows\Prefetch\AgCx_SC1.db --------- 573624  
 19.09.2008 08:44     C:\Windows\Prefetch\AgCx_SC1.db.trx --------- 86276  
 18.09.2008 22:28     C:\Windows\Prefetch\ReadyBoot --------- 4096  
 18.09.2008 22:13     C:\Windows\Prefetch\PfSvPerfStats.bin --------- 508  
 18.09.2008 19:59     C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 3701508  
 18.09.2008 14:22     C:\Windows\Prefetch\LOGONUI.EXE-F639BD7E.pf --------- 38944  
 18.09.2008 14:22     C:\Windows\Prefetch\DLLHOST.EXE-4B6CB38A.pf --------- 17140  
 18.09.2008 14:21     C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-44162447.pf --------- 19246  
 18.09.2008 14:21     C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-69C456C3.pf --------- 23192  
 18.09.2008 14:21     C:\Windows\Prefetch\AVWSC.EXE-8DC31D15.pf --------- 33760  
 18.09.2008 14:20     C:\Windows\Prefetch\DRVINST.EXE-39D9EAC7.pf --------- 144396  
 18.09.2008 14:14     C:\Windows\Prefetch\FIREFOX.EXE-66015FD1.pf --------- 189088  
 18.09.2008 14:13     C:\Windows\Prefetch\MMLOADDRV.EXE-AE8CA911.pf --------- 30756  
 18.09.2008 14:12     C:\Windows\Prefetch\DSC.EXE-1E1AE994.pf --------- 73904  
 18.09.2008 14:12     C:\Windows\Prefetch\WERMGR.EXE-F439C551.pf --------- 21426  
 18.09.2008 14:12     C:\Windows\Prefetch\CCC.EXE-701D85C1.pf --------- 129604  
 18.09.2008 14:12     C:\Windows\Prefetch\WMIPRVSE.EXE-E8B8DD29.pf --------- 54352  
 18.09.2008 14:12     C:\Windows\Prefetch\VERCLSID.EXE-AB0FD091.pf --------- 18094  
 18.09.2008 14:11     C:\Windows\Prefetch\EXPLORER.EXE-D5E97654.pf --------- 447546  
 18.09.2008 14:11     C:\Windows\Prefetch\DWM.EXE-314E93C5.pf --------- 31346  
 18.09.2008 14:11     C:\Windows\Prefetch\USERINIT.EXE-5114915C.pf --------- 15434  
 18.09.2008 14:11     C:\Windows\Prefetch\MPCMDRUN.EXE-2C9109F9.pf --------- 23190  
 18.09.2008 14:11     C:\Windows\Prefetch\DLLHOST.EXE-6389524F.pf --------- 30816  
 18.09.2008 14:11     C:\Windows\Prefetch\ATBROKER.EXE-5CD29207.pf --------- 12532  
 18.09.2008 14:11     C:\Windows\Prefetch\MPNOTIFY.EXE-B290F693.pf --------- 38760  
 18.09.2008 13:55     C:\Windows\Prefetch\WMIADAP.EXE-BB21CD77.pf --------- 18738  
 18.09.2008 13:46     C:\Windows\Prefetch\NOTEPAD.EXE-C5670914.pf --------- 29232  
 18.09.2008 13:43     C:\Windows\Prefetch\CONIME.EXE-7C90FA24.pf --------- 10898  
 18.09.2008 13:40     C:\Windows\Prefetch\MOBSYNC.EXE-B307E1CC.pf --------- 26432  
 18.09.2008 07:39     C:\Windows\Prefetch\THUNDERBIRD.EXE-B44509A1.pf --------- 128302  
 18.09.2008 07:27     C:\Windows\Prefetch\CONTROL.EXE-6EA5489A.pf --------- 28926  
 18.09.2008 07:06     C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf --------- 34846  
 17.09.2008 23:24     C:\Windows\Prefetch\TOTALMEDIA.EXE-2DE29648.pf --------- 183190  
 17.09.2008 22:23     C:\Windows\Prefetch\ACRORD32INFO.EXE-881F0182.pf --------- 92204  
 17.09.2008 22:22     C:\Windows\Prefetch\ACRORD32.EXE-3302324E.pf --------- 94504  
 17.09.2008 20:36     C:\Windows\Prefetch\WINWORD.EXE-D0290961.pf --------- 152556  
 17.09.2008 15:13     C:\Windows\Prefetch\PREUPD.EXE-F6823499.pf --------- 32116  
 17.09.2008 06:54     C:\Windows\Prefetch\MPAS-D.EXE-BAAEB6D7.pf --------- 31914  
 17.09.2008 06:54     C:\Windows\Prefetch\WUAUCLT.EXE-5D573F0E.pf --------- 35374  
 17.09.2008 06:54     C:\Windows\Prefetch\SVCHOST.EXE-6A249820.pf --------- 22532  
 17.09.2008 06:54     C:\Windows\Prefetch\VSSVC.EXE-6C8F0C66.pf --------- 132616  
 16.09.2008 22:03     C:\Windows\Prefetch\TMMONITOR.EXE-60165421.pf --------- 48822  
 16.09.2008 16:47     C:\Windows\Prefetch\IEXPLORE.EXE-058FE8F5.pf --------- 165510  
 16.09.2008 15:13     C:\Windows\Prefetch\AVNOTIFY.EXE-9F940929.pf --------- 76922  
 16.09.2008 15:13     C:\Windows\Prefetch\UPDATE.EXE-C05532C8.pf --------- 104788  
 16.09.2008 14:51     C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1371751344-2137149050-2905294828-1003.db --------- 202930  
 16.09.2008 14:51     C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1371751344-2137149050-2905294828-1003.db --------- 88690  
 16.09.2008 14:51     C:\Windows\Prefetch\AgCx_S2_S-1-5-21-1371751344-2137149050-2905294828-1003.snp.db --------- 3262662  
 16.09.2008 12:07     C:\Windows\Prefetch\WERCON.EXE-C87ACD13.pf --------- 56906  
 16.09.2008 07:33     C:\Windows\Prefetch\MSIEXEC.EXE-8FFB1633.pf --------- 314648  
 16.09.2008 07:28     C:\Windows\Prefetch\APNTEX.EXE-58265C25.pf --------- 1450  
 15.09.2008 22:34     C:\Windows\Prefetch\TASKMGR.EXE-4C8500BA.pf --------- 107212  
 15.09.2008 22:17     C:\Windows\Prefetch\TIJ.EXE-8C3C58DB.pf --------- 177442  
 15.09.2008 22:17     C:\Windows\Prefetch\WERFAULT.EXE-155C56CF.pf --------- 109096  
 15.09.2008 22:17     C:\Windows\Prefetch\INTEGRATOR.EXE-A250DB11.pf --------- 90958  
 15.09.2008 20:09     C:\Windows\Prefetch\SNDVOL.EXE-425BC49B.pf --------- 31462  
 15.09.2008 20:05     C:\Windows\Prefetch\CMD.EXE-0BD30981.pf --------- 8708  
 15.09.2008 15:14     C:\Windows\Prefetch\ICQ.EXE-78BD93AB.pf --------- 388590  
 15.09.2008 15:13     C:\Windows\Prefetch\REGSVR32.EXE-B31EC963.pf --------- 40306  
 14.09.2008 21:59     C:\Windows\Prefetch\STG072.EXE-5D0C9783.pf --------- 182878  
 14.09.2008 21:46     C:\Windows\Prefetch\SOFTWAREUPDATE.EXE-9B2A9FD1.pf --------- 84774  
 14.09.2008 21:46     C:\Windows\Prefetch\DLLHOST.EXE-6BFBE41F.pf --------- 22750  
 14.09.2008 21:41     C:\Windows\Prefetch\ITUNES.EXE-4FE7BA9B.pf --------- 149040  
 14.09.2008 03:43     C:\Windows\Prefetch\AVSCAN.EXE-A07135D5.pf --------- 119072  
 14.09.2008 03:08     C:\Windows\Prefetch\STG030.EXE-A0975D85.pf --------- 111206  
 14.09.2008 02:31     C:\Windows\Prefetch\GOM.EXE-AC638398.pf --------- 161786  
 14.09.2008 02:21     C:\Windows\Prefetch\MPSIGSTUB.EXE-22A21ECB.pf --------- 18464  
 14.09.2008 02:11     C:\Windows\Prefetch\GRLAUNCHER.EXE-79F78E10.pf --------- 31134  
 14.09.2008 02:11     C:\Windows\Prefetch\RUNDLL32.EXE-0775DCA3.pf --------- 50678  
 14.09.2008 02:10     C:\Windows\Prefetch\RUNDLL32.EXE-39B6B5FE.pf --------- 55376  
 14.09.2008 02:10     C:\Windows\Prefetch\RUNDLL32.EXE-B4872C67.pf --------- 107814  
 14.09.2008 02:10     C:\Windows\Prefetch\RUNDLL32.EXE-D74CAFAD.pf --------- 111426  
 14.09.2008 02:09     C:\Windows\Prefetch\RUNDLL32.EXE-28610799.pf --------- 108014  
 14.09.2008 02:08     C:\Windows\Prefetch\RUNDLL32.EXE-15993FF3.pf --------- 36542  
 14.09.2008 02:04     C:\Windows\Prefetch\ADOBEUPDATER.EXE-5BBC3CE8.pf --------- 75218  
 14.09.2008 01:58     C:\Windows\Prefetch\CRASHREPORTER.EXE-918F1BCE.pf --------- 19990  
 14.09.2008 01:58     C:\Windows\Prefetch\DELLTPAD.EXE-FD1A2FFF.pf --------- 21384  
 14.09.2008 01:58     C:\Windows\Prefetch\AVCENTER.EXE-657FE751.pf --------- 159862  
 14.09.2008 01:50     C:\Windows\Prefetch\SETUP.EXE-17D9794D.pf --------- 57032  
 14.09.2008 01:50     C:\Windows\Prefetch\_START.EXE-92795221.pf --------- 20014  
 14.09.2008 01:50     C:\Windows\Prefetch\LAUNCH.EXE-E9F99538.pf --------- 124028  
 14.09.2008 01:47     C:\Windows\Prefetch\AVCONFIG.EXE-82BDAC9A.pf --------- 46228  
 13.09.2008 23:42     C:\Windows\Prefetch\STG018.EXE-70604F33.pf --------- 169544  
 13.09.2008 23:09     C:\Windows\Prefetch\STG073.EXE-70625208.pf --------- 202778  
 13.09.2008 22:59     C:\Windows\Prefetch\STG070.EXE-36612279.pf --------- 192778  
 13.09.2008 22:50     C:\Windows\Prefetch\STG071.EXE-49B6DCFE.pf --------- 196604  
 13.09.2008 22:49     C:\Windows\Prefetch\RUNDLL32.EXE-6C835631.pf --------- 27040  
 13.09.2008 22:38     C:\Windows\Prefetch\STG010.EXE-D5B27B0B.pf --------- 110794  
 13.09.2008 22:33     C:\Windows\Prefetch\STG088.EXE-368167DE.pf --------- 87008  
 13.09.2008 22:01     C:\Windows\Prefetch\STG013.EXE-0FB3AA9A.pf --------- 105850  
 13.09.2008 21:57     C:\Windows\Prefetch\STG020.EXE-3B24EC48.pf --------- 129484  
 13.09.2008 21:53     C:\Windows\Prefetch\STG014.EXE-2309651F.pf --------- 105472  
 13.09.2008 21:42     C:\Windows\Prefetch\STG019.EXE-83B609B8.pf --------- 162920  
 13.09.2008 21:38     C:\Windows\Prefetch\STG067.EXE-5846CADF.pf --------- 188138  
 13.09.2008 21:37     C:\Windows\Prefetch\RUNDLL32.EXE-52229EB7.pf --------- 27040  
 13.09.2008 21:18     C:\Windows\Prefetch\RUNDLL32.EXE-52229E23.pf --------- 29224  
 13.09.2008 20:02     C:\Windows\Prefetch\RUNDLL32.EXE-C52FE3EC.pf --------- 26616  
 13.09.2008 19:37     C:\Windows\Prefetch\IPCONFIG.EXE-BFEC2AD0.pf --------- 19758  
 13.09.2008 19:31     C:\Windows\Prefetch\ATTRIB.EXE-8E9FC84B.pf --------- 11170  
 13.09.2008 19:30     C:\Windows\Prefetch\INSTALL_ICQ6.EXE-8F88F9E6.pf --------- 182550  
 13.09.2008 19:05     C:\Windows\Prefetch\MSCONFIG.EXE-690F60C3.pf --------- 57382  
 13.09.2008 19:03     C:\Windows\Prefetch\MCNASVC.EXE-99DA3D26.pf --------- 26526  
 13.09.2008 19:01     C:\Windows\Prefetch\CLISTART.EXE-9B336A0A.pf --------- 36150  
 13.09.2008 19:01     C:\Windows\Prefetch\TASKENG.EXE-35FA9C06.pf --------- 43092  
 13.09.2008 19:01     C:\Windows\Prefetch\ONECLICKSTARTER.EXE-EB04B287.pf --------- 27534  
 13.09.2008 19:00     C:\Windows\Prefetch\AVGEMC.EXE-2FD62015.pf --------- 42642  
 13.09.2008 19:00     C:\Windows\Prefetch\AVGNSX.EXE-AF891D49.pf --------- 34224  
 13.09.2008 19:00     C:\Windows\Prefetch\SVCHOST.EXE-D8888452.pf --------- 23702  
 13.09.2008 19:00     C:\Windows\Prefetch\AVGUARD.EXE-8DFC8CC3.pf --------- 105404  
 13.09.2008 19:00     C:\Windows\Prefetch\SVCHOST.EXE-EC00EC4D.pf --------- 27464  
 13.09.2008 19:00     C:\Windows\Prefetch\SCHED.EXE-BD08C42C.pf --------- 24796  
 13.09.2008 19:00     C:\Windows\Prefetch\SPOOLSV.EXE-BF1C7233.pf --------- 14312  
 13.09.2008 19:00     C:\Windows\Prefetch\BCMWLTRY.EXE-B349EB79.pf --------- 4098  
 13.09.2008 19:00     C:\Windows\Prefetch\WLTRYSVC.EXE-CAB02D33.pf --------- 13074  
 13.09.2008 19:00     C:\Windows\Prefetch\SVCHOST.EXE-04BA08AD.pf --------- 29358  
 13.09.2008 18:39     C:\Windows\Prefetch\AVGCMGR.EXE-FA901256.pf --------- 16104  
 13.09.2008 17:58     C:\Windows\Prefetch\GOOGLEUPDATER.EXE-FE559EEC.pf --------- 15164  
 13.09.2008 16:54     C:\Windows\Prefetch\FIXCFG.EXE-EBC4469E.pf --------- 20540  
 13.09.2008 16:53     C:\Windows\Prefetch\AVGUPD.EXE-837C21A1.pf --------- 45472  
 13.09.2008 16:12     C:\Windows\Prefetch\SETHC.EXE-1E0D0DA0.pf --------- 20352  
 13.09.2008 13:31     C:\Windows\Prefetch\RCDMENU.EXE-8BF37EBA.pf --------- 48434  
 13.09.2008 13:31     C:\Windows\Prefetch\AUTORCD.EXE-EF1F5146.pf --------- 16988  
 13.09.2008 13:09     C:\Windows\Prefetch\GRLAUNCHER.EXE-CC7DFD36.pf --------- 32392  
 13.09.2008 13:09     C:\Windows\Prefetch\RUNDLL32.EXE-6E093D9F.pf --------- 116698  
 13.09.2008 13:09     C:\Windows\Prefetch\WMPLAYER.EXE-D7C621F8.pf --------- 23920  
 13.09.2008 12:03     C:\Windows\Prefetch\SVCHOST.EXE-CFE81CB7.pf --------- 20888  
 13.09.2008 12:03     C:\Windows\Prefetch\SDCLT.EXE-94EAE077.pf --------- 4858  
 13.09.2008 12:02     C:\Windows\Prefetch\WSQMCONS.EXE-4048402C.pf --------- 18904  
 13.09.2008 12:00     C:\Windows\Prefetch\AVGSCANX.EXE-DB2FDAED.pf --------- 201094  
 13.09.2008 00:02     C:\Windows\Prefetch\GOOGLEUPDATE.EXE-2DEC7F1C.pf --------- 46162  
 12.09.2008 23:57     C:\Windows\Prefetch\AVGDIAG.EXE-97D8FCCA.pf --------- 16348  
 12.09.2008 23:37     C:\Windows\Prefetch\PRESENTATIONSETTINGS.EXE-EF41B35E.pf --------- 20226  
 12.09.2008 22:02     C:\Windows\Prefetch\RUNDLL32.EXE-8EFABE91.pf --------- 28854  
 12.09.2008 22:02     C:\Windows\Prefetch\IEUSER.EXE-1F8A18EE.pf --------- 17878  
 12.09.2008 21:32     C:\Windows\Prefetch\DFRGNTFS.EXE-ACFD6573.pf --------- 21664  
 12.09.2008 21:32     C:\Windows\Prefetch\DEFRAG.EXE-3D9E8D72.pf --------- 15132  
 12.09.2008 21:31     C:\Windows\Prefetch\Layout.ini --------- 1586566  
 12.09.2008 18:15     C:\Windows\Prefetch\AgCx_S1_S-1-5-21-1371751344-2137149050-2905294828-1000.snp.db --------- 3105858  
 12.09.2008 14:58     C:\Windows\Prefetch\AgCx_SC2.db --------- 962539  
 09.09.2008 14:33     C:\Windows\Prefetch\AgCx_SC3_B8B87944.db --------- 764322  
 04.09.2008 22:14     C:\Windows\Prefetch\AgCx_SC3_5271EA75.db --------- 601469  
 21.07.2008 14:52     C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1371751344-2137149050-2905294828-1002.db --------- 1050382  
 21.07.2008 14:52     C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1371751344-2137149050-2905294828-1002.db --------- 580766  
 17.07.2008 20:00     C:\Windows\Prefetch\AgAppLaunch.db --------- 332116  
----------------------------------------

 
C:\Windows\Tasks

 13.09.2008 19:05     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32526  
 13.09.2008 19:05     C:\Windows\Tasks\SA.DAT --------- 6  
 13.09.2008 19:01     C:\Windows\Tasks\1-Klick-Wartung.job --------- 500  
 12.09.2008 21:41     C:\Windows\Tasks\GoogleUpdateTaskUser.job --------- 1126  
----------------------------------------

 
C:\Windows\Temp

 19.09.2008 05:23     C:\Windows\Temp\MpSigStub.log --------- 42704  
 18.09.2008 20:12     C:\Windows\Temp\389eba2d-6d14-4e72-8da2-619f69ac6a4d.tmp --------- 0  
 18.09.2008 20:12     C:\Windows\Temp\TMP0000000CF072849A8B5B1D42 --------- 524288  
 18.09.2008 15:20     C:\Windows\Temp\MpCmdRun.log --------- 35566  
 13.09.2008 19:01     C:\Windows\Temp\hpqddsvc.log --------- 817179  
 12.09.2008 16:29     C:\Windows\Temp\DMI3E09.tmp --------- 0  
 08.09.2008 21:36     C:\Windows\Temp\avg8info.id --------- 54  
----------------------------------------

 
C:\Users\Lukas\AppData\Local\Temp

 19.09.2008 13:48     C:\Users\Lukas\AppData\Local\Temp\etilqs_3QdmHDoq3eTwu9Aew8bl --------- 28700  
 19.09.2008 13:47     C:\Users\Lukas\AppData\Local\Temp\Lukas.bmp --------- 31832  
 18.09.2008 22:28     C:\Users\Lukas\AppData\Local\Temp\JET403A.tmp --------- 0  
 18.09.2008 22:27     C:\Users\Lukas\AppData\Local\Temp\JET279C.tmp --------- 0  
 18.09.2008 22:27     C:\Users\Lukas\AppData\Local\Temp\WPDNSE --------- 0  
 18.09.2008 22:12     C:\Users\Lukas\AppData\Local\Temp\plugtmp-11 --------- 4096  
 18.09.2008 22:01     C:\Users\Lukas\AppData\Local\Temp\plugtmp-8 --------- 16384  
 18.09.2008 21:25     C:\Users\Lukas\AppData\Local\Temp\etilqs_K3lasgj5xztdblFQMzsP --------- 12304  
 18.09.2008 20:55     C:\Users\Lukas\AppData\Local\Temp\~DFFBFB.tmp --------- 114688  
 18.09.2008 20:20     C:\Users\Lukas\AppData\Local\Temp\JET908B.tmp --------- 0  
 18.09.2008 20:12     C:\Users\Lukas\AppData\Local\Temp\si362C.tmp --------- 0  
 18.09.2008 20:12     C:\Users\Lukas\AppData\Local\Temp\JETAE8.tmp --------- 0  
 18.09.2008 14:20     C:\Users\Lukas\AppData\Local\Temp\plugtmp-7 --------- 0  
 18.09.2008 13:42     C:\Users\Lukas\AppData\Local\Temp\msohtml1 --------- 0  
 18.09.2008 00:01     C:\Users\Lukas\AppData\Local\Temp\plugtmp-6 --------- 0  
 17.09.2008 22:17     C:\Users\Lukas\AppData\Local\Temp\MSV49E3.tmp --------- 1409  
 17.09.2008 22:17     C:\Users\Lukas\AppData\Local\Temp\MSV49E2.tmp --------- 7168  
 17.09.2008 15:42     C:\Users\Lukas\AppData\Local\Temp\etilqs_4XKW03LQgibHTnjEFjgT --------- 12304  
 17.09.2008 15:42     C:\Users\Lukas\AppData\Local\Temp\JET1035.tmp --------- 0  
 17.09.2008 15:42     C:\Users\Lukas\AppData\Local\Temp\JETDA47.tmp --------- 0  
 17.09.2008 13:37     C:\Users\Lukas\AppData\Local\Temp\plugtmp-5 --------- 0  
 16.09.2008 23:29     C:\Users\Lukas\AppData\Local\Temp\plugtmp-4 --------- 0  
 16.09.2008 07:27     C:\Users\Lukas\AppData\Local\Temp\376cc349-cbf7-4bf7-ac4c-a3ae0c6821fc.tmp --------- 124  
 16.09.2008 07:27     C:\Users\Lukas\AppData\Local\Temp\502b68ba-55c1-4949-a22c-78c6f9fe42ed.tmp --------- 294912  
 16.09.2008 07:27     C:\Users\Lukas\AppData\Local\Temp\e78114a5-c1f3-4e66-845a-38b0c019a5aa.tmp --------- 177052  
 16.09.2008 07:26     C:\Users\Lukas\AppData\Local\Temp\Temp2_windowsinstaller45.zip --------- 0  
 15.09.2008 20:53     C:\Users\Lukas\AppData\Local\Temp\~Qil3378.tmp --------- 49152  
 15.09.2008 20:18     C:\Users\Lukas\AppData\Local\Temp\Temp1_windowsinstaller45.zip --------- 0  
 15.09.2008 13:20     C:\Users\Lukas\AppData\Local\Temp\msohtml --------- 0  
 15.09.2008 13:20     C:\Users\Lukas\AppData\Local\Temp\Dok2-1.doc --------- 188928  
 15.09.2008 09:25     C:\Users\Lukas\AppData\Local\Temp\~Qil3401.tmp --------- 16384  
 15.09.2008 09:24     C:\Users\Lukas\AppData\Local\Temp\MSVF612.tmp --------- 1409  
 15.09.2008 09:24     C:\Users\Lukas\AppData\Local\Temp\MSVF611.tmp --------- 7168  
 14.09.2008 15:42     C:\Users\Lukas\AppData\Local\Temp\plugtmp-3 --------- 0  
 14.09.2008 11:36     C:\Users\Lukas\AppData\Local\Temp\mod2A20.tmp --------- 20189  
 14.09.2008 11:36     C:\Users\Lukas\AppData\Local\Temp\mod2703.tmp --------- 393  
 14.09.2008 11:36     C:\Users\Lukas\AppData\Local\Temp\mod2702.tmp --------- 34  
 14.09.2008 11:32     C:\Users\Lukas\AppData\Local\Temp\modF6F3.tmp --------- 20189  
 14.09.2008 11:32     C:\Users\Lukas\AppData\Local\Temp\modF3B8.tmp --------- 391  
 14.09.2008 11:32     C:\Users\Lukas\AppData\Local\Temp\modF3B7.tmp --------- 34  
 14.09.2008 11:25     C:\Users\Lukas\AppData\Local\Temp\plugtmp-2 --------- 0  
 14.09.2008 10:56     C:\Users\Lukas\AppData\Local\Temp\plugtmp-1 --------- 0  
 14.09.2008 03:42     C:\Users\Lukas\AppData\Local\Temp\etilqs_Y4yrWiGPKvdYkL0UB8Qz --------- 12304  
 14.09.2008 03:41     C:\Users\Lukas\AppData\Local\Temp\hsperfdata_Lukas --------- 0  
 14.09.2008 03:31     C:\Users\Lukas\AppData\Local\Temp\~DFE7BA.tmp --------- 16384  
 14.09.2008 01:59     C:\Users\Lukas\AppData\Local\Temp\java_install_reg.log --------- 832  
 14.09.2008 01:57     C:\Users\Lukas\AppData\Local\Temp\JET15B1.tmp --------- 0  
 14.09.2008 01:57     C:\Users\Lukas\AppData\Local\Temp\JETCC53.tmp --------- 0  
 14.09.2008 01:50     C:\Users\Lukas\AppData\Local\Temp\RarSFX0 --------- 0  
 14.09.2008 01:46     C:\Users\Lukas\AppData\Local\Temp\etilqs_VTRJG8BBJZe4s4BdLCQS --------- 12304  
 13.09.2008 19:32     C:\Users\Lukas\AppData\Local\Temp\JET4A77.tmp --------- 0  
 13.09.2008 19:32     C:\Users\Lukas\AppData\Local\Temp\{94D5CDF5-4CEB-4EBD-9DEE-50403FE1D258} --------- 0  
 13.09.2008 19:32     C:\Users\Lukas\AppData\Local\Temp\rb --------- 0  
 13.09.2008 19:16     C:\Users\Lukas\AppData\Local\Temp\JETEA8C.tmp --------- 0  
 13.09.2008 18:55     C:\Users\Lukas\AppData\Local\Temp\plugtmp --------- 0  
 13.09.2008 16:03     C:\Users\Lukas\AppData\Local\Temp\~$Dok2.doc --------- 162  
 13.09.2008 16:03     C:\Users\Lukas\AppData\Local\Temp\~DFA69A.tmp --------- 512  
 13.09.2008 16:03     C:\Users\Lukas\AppData\Local\Temp\~DF9DC6.tmp --------- 512  
 13.09.2008 16:03     C:\Users\Lukas\AppData\Local\Temp\Dok2.doc --------- 188928  
 13.09.2008 15:28     C:\Users\Lukas\AppData\Local\Temp\JETFD65.tmp --------- 0  
 13.09.2008 15:11     C:\Users\Lukas\AppData\Local\Temp\mod9149.tmp --------- 20189  
 13.09.2008 15:11     C:\Users\Lukas\AppData\Local\Temp\mod8E68.tmp --------- 391  
 13.09.2008 15:11     C:\Users\Lukas\AppData\Local\Temp\mod8E67.tmp --------- 34  
 13.09.2008 15:08     C:\Users\Lukas\AppData\Local\Temp\~DF5FD5.tmp --------- 16384  
 13.09.2008 14:52     C:\Users\Lukas\AppData\Local\Temp\flaC15F.tmp --------- 280258770  
 13.09.2008 14:49     C:\Users\Lukas\AppData\Local\Temp\etilqs_z5wi5dNB1bsadcviH1ro --------- 12304  
 13.09.2008 12:50     C:\Users\Lukas\AppData\Local\Temp\JET5BB.tmp --------- 0  
 13.09.2008 12:49     C:\Users\Lukas\AppData\Local\Temp\JETB3E4.tmp --------- 0  
 13.09.2008 11:57     C:\Users\Lukas\AppData\Local\Temp\JET76B5.tmp --------- 0  
 12.09.2008 23:58     C:\Users\Lukas\AppData\Local\Temp\svp4m.tmp --------- 0  
 12.09.2008 21:59     C:\Users\Lukas\AppData\Local\Temp\JET7FE8.tmp --------- 0  
 12.09.2008 21:55     C:\Users\Lukas\AppData\Local\Temp\JETE5BC.tmp --------- 0  
 12.09.2008 21:53     C:\Users\Lukas\AppData\Local\Temp\svhdh.tmp --------- 0  
 12.09.2008 21:53     C:\Users\Lukas\AppData\Local\Temp\JET732C.tmp --------- 0  
 12.09.2008 19:47     C:\Users\Lukas\AppData\Local\Temp\Log --------- 0  
 12.09.2008 18:17     C:\Users\Lukas\AppData\Local\Temp\7zS9146.tmp --------- 0  
 12.09.2008 18:17     C:\Users\Lukas\AppData\Local\Temp\7zSE025.tmp --------- 0  
 12.09.2008 18:17     C:\Users\Lukas\AppData\Local\Temp\7zSFB43.tmp --------- 0  
 12.09.2008 18:17     C:\Users\Lukas\AppData\Local\Temp\Adobe --------- 0  
 12.09.2008 18:17     C:\Users\Lukas\AppData\Local\Temp\ICQ615_27_46 --------- 0  
 12.09.2008 18:17     C:\Users\Lukas\AppData\Local\Temp\ICQ616_27_03 --------- 0  
 12.09.2008 18:15     C:\Users\Lukas\AppData\Local\Temp\ImageDebug --------- 0  
 12.09.2008 18:15     C:\Users\Lukas\AppData\Local\Temp\nro.log --------- 0  
 12.09.2008 18:15     C:\Users\Lukas\AppData\Local\Temp\plugtmp-9 --------- 0  
 12.09.2008 18:15     C:\Users\Lukas\AppData\Local\Temp\svnh9.tmp --------- 0  
 12.09.2008 18:15     C:\Users\Lukas\AppData\Local\Temp\tls_file_42847 --------- 0  
 12.09.2008 18:15     C:\Users\Lukas\AppData\Local\Temp\VBE --------- 0  
 12.09.2008 18:15     C:\Users\Lukas\AppData\Local\Temp\{071C55AD-E281-42C2-B7D7-8881CEA18593} --------- 0  
 12.09.2008 18:15     C:\Users\Lukas\AppData\Local\Temp\{73638F95-5087-4415-A2D1-607AE73D3730} --------- 0  
 12.09.2008 18:12     C:\Users\Lukas\AppData\Local\Temp\JETE3F7.tmp --------- 0  
 12.09.2008 18:12     C:\Users\Lukas\AppData\Local\Temp\JETB163.tmp --------- 0  
 12.09.2008 16:53     C:\Users\Lukas\AppData\Local\Temp\{AFE75BCF-C22E-47E2-ABDC-1A08ACF84ECF} --------- 0  
 12.09.2008 16:50     C:\Users\Lukas\AppData\Local\Temp\trkCCC3.tmp --------- 0  
 12.09.2008 16:47     C:\Users\Lukas\AppData\Local\Temp\isF798.tmp --------- 0  
 12.09.2008 16:47     C:\Users\Lukas\AppData\Local\Temp\is7916.tmp --------- 0  
 12.09.2008 16:26     C:\Users\Lukas\AppData\Local\Temp\wmsetup.log --------- 5721  
 12.09.2008 15:04     C:\Users\Lukas\AppData\Local\Temp\plugtmp-13 --------- 0  
 11.09.2008 23:25     C:\Users\Lukas\AppData\Local\Temp\JETC8E9.tmp --------- 0  
 11.09.2008 23:24     C:\Users\Lukas\AppData\Local\Temp\JET4597.tmp --------- 0  
 10.09.2008 18:40     C:\Users\Lukas\AppData\Local\Temp\JET9491.tmp --------- 0  
 10.09.2008 18:40     C:\Users\Lukas\AppData\Local\Temp\JET7BC3.tmp --------- 0  
 10.09.2008 18:33     C:\Users\Lukas\AppData\Local\Temp\{E42ED774-4522-43C9-B5E8-8F1F8C88260D} --------- 0  
 10.09.2008 18:27     C:\Users\Lukas\AppData\Local\Temp\{F57A8D66-5785-4415-B12F-47684A52F21E} --------- 0  
 10.09.2008 18:26     C:\Users\Lukas\AppData\Local\Temp\plugtmp-12 --------- 0  
 10.09.2008 13:50     C:\Users\Lukas\AppData\Local\Temp\MSI57095.LOG --------- 316  
 10.09.2008 13:46     C:\Users\Lukas\AppData\Local\Temp\Microsoft Office 2003 Setup(0008).txt --------- 10851  
 10.09.2008 13:46     C:\Users\Lukas\AppData\Local\Temp\Microsoft Office 2003 Setup(0008)_Task(0001).txt --------- 4538830  
 10.09.2008 07:42     C:\Users\Lukas\AppData\Local\Temp\mia7F9B.tmp --------- 0  
 10.09.2008 07:32     C:\Users\Lukas\AppData\Local\Temp\LBWZDBLG.htm --------- 33174  
 09.09.2008 21:55     C:\Users\Lukas\AppData\Local\Temp\DRDld --------- 0  
 09.09.2008 18:06     C:\Users\Lukas\AppData\Local\Temp\~DEST --------- 0  
 09.09.2008 18:06     C:\Users\Lukas\AppData\Local\Temp\TWAIN.LOG --------- 8051  
 09.09.2008 18:04     C:\Users\Lukas\AppData\Local\Temp\Twain001.Mtx --------- 4  
 09.09.2008 18:04     C:\Users\Lukas\AppData\Local\Temp\Twunk001.MTX --------- 156  
 09.09.2008 16:47     C:\Users\Lukas\AppData\Local\Temp\ispr8686.rra --------- 1089654  
 09.09.2008 16:47     C:\Users\Lukas\AppData\Local\Temp\84d1.rra --------- 16384  
 09.09.2008 16:37     C:\Users\Lukas\AppData\Local\Temp\Microsoft Office 2003 Setup(0007).txt --------- 8878  
 09.09.2008 16:36     C:\Users\Lukas\AppData\Local\Temp\Microsoft Office 2003 Setup(0006).txt --------- 10851  
 09.09.2008 16:36     C:\Users\Lukas\AppData\Local\Temp\Microsoft Office 2003 Setup(0006)_Task(0001).txt --------- 3724110  
 09.09.2008 16:36     C:\Users\Lukas\AppData\Local\Temp\Setup Log File.Log --------- 521  
 09.09.2008 15:12     C:\Users\Lukas\AppData\Local\Temp\temp.ani --------- 13592  
 09.09.2008 15:12     C:\Users\Lukas\AppData\Local\Temp\drm_dyndata_7330014.dll --------- 212992  
 08.09.2008 21:35     C:\Users\Lukas\AppData\Local\Temp\avg8inst.log --------- 223028  
 08.09.2008 21:20     C:\Users\Lukas\AppData\Local\Temp\UpdateWizard_25980 --------- 0  
 08.09.2008 20:53     C:\Users\Lukas\AppData\Local\Temp\plugtmp-10 --------- 0  
 08.09.2008 16:45     C:\Users\Lukas\AppData\Local\Temp\{FEDFD3D3-C00D-4E9B-9B81-6A9190698976} --------- 0  
 08.09.2008 16:26     C:\Users\Lukas\AppData\Local\Temp\{B1E5B8C0-B6F4-488F-9364-44F214F92F93} --------- 0  
 08.09.2008 15:27     C:\Users\Lukas\AppData\Local\Temp\{D37456FD-E69E-4ED8-9F7A-B3B504F2C79F} --------- 0  
 05.09.2008 17:17     C:\Users\Lukas\AppData\Local\Temp\nero.tmp --------- 0  
 23.08.2008 13:23     C:\Users\Lukas\AppData\Local\Temp\FoxyTunes --------- 0  
----------------------------------------

 
C:\Program Files

 19.09.2008 13:47     C:\Program Files\Mozilla Firefox --------- 12288  
 18.09.2008 21:23     C:\Program Files\ASCOMP Software --------- 0  
 18.09.2008 20:55     C:\Program Files\Trend Micro --------- 0  
 18.09.2008 13:40     C:\Program Files\NeoSmart Technologies --------- 0  
 17.09.2008 22:32     C:\Program Files\Countdown --------- 0  
 17.09.2008 22:30     C:\Program Files\MinMan --------- 8192  
 15.09.2008 22:41     C:\Program Files\DivX --------- 4096  
 15.09.2008 20:30     C:\Program Files\TVAnts --------- 4096  
 15.09.2008 20:13     C:\Program Files\TuneUp Utilities 2008 --------- 40960  
 15.09.2008 19:31     C:\Program Files\Ubisoft --------- 0  
 13.09.2008 19:39     C:\Program Files\ICQ6 --------- 12288  
 12.09.2008 16:47     C:\Program Files\Dell --------- 4096  
 10.09.2008 18:36     C:\Program Files\Common Files --------- 8192  
 10.09.2008 18:36     C:\Program Files\ArcSoft --------- 0  
 10.09.2008 18:35     C:\Program Files\InstallShield Installation Information --------- 8192  
 10.09.2008 18:26     C:\Program Files\Realtek --------- 0  
 10.09.2008 13:46     C:\Program Files\SCi --------- 0  
 10.09.2008 07:40     C:\Program Files\Eraser --------- 4096  
 09.09.2008 21:48     C:\Program Files\E.M. DVD Copy --------- 4096  
 09.09.2008 17:33     C:\Program Files\SimilarImages --------- 4096  
 09.09.2008 16:50     C:\Program Files\Microsoft Games --------- 4096  
 09.09.2008 13:22     C:\Program Files\PCHealthCenter --------- 4096  
 08.09.2008 18:25     C:\Program Files\JGoodies --------- 0  
 07.09.2008 22:01     C:\Program Files\PDFDrucker --------- 4096  
 07.09.2008 16:09     C:\Program Files\FTP Commander --------- 8192  
 07.09.2008 15:44     C:\Program Files\ESTsoft --------- 0  
 07.09.2008 15:30     C:\Program Files\MSA --------- 0  
 07.09.2008 15:25     C:\Program Files\SmartFTP Client --------- 4096  
 07.09.2008 15:24     C:\Program Files\SmartFTP Client 3.0 Setup Files --------- 0  
 07.09.2008 15:20     C:\Program Files\WinSCP --------- 4096  
 07.09.2008 14:29     C:\Program Files\FileZilla FTP Client --------- 4096  
 07.09.2008 12:54     C:\Program Files\sfg --------- 4096  
 07.09.2008 00:23     C:\Program Files\Avira --------- 0  
 03.09.2008 14:01     C:\Program Files\Smart Projects --------- 0  
 03.09.2008 13:42     C:\Program Files\InfraRecorder --------- 4096  
 03.09.2008 13:34     C:\Program Files\Microsoft Office --------- 4096  
 03.09.2008 13:33     C:\Program Files\Microsoft.NET --------- 0  
 02.09.2008 21:50     C:\Program Files\MP3Gain --------- 4096  
 02.09.2008 21:34     C:\Program Files\Sun --------- 0  
 02.09.2008 21:18     C:\Program Files\PPLive --------- 8192  
 01.09.2008 16:16     C:\Program Files\EA Sports --------- 4096  
 31.08.2008 18:27     C:\Program Files\HWiNFO32 --------- 4096  
 31.08.2008 18:17     C:\Program Files\Acon Digital Media --------- 0  
 31.08.2008 18:02     C:\Program Files\FolderSize --------- 4096  
 31.08.2008 18:02     C:\Program Files\Google --------- 4096  
 31.08.2008 16:23     C:\Program Files\AVG --------- 0  
 25.08.2008 16:22     C:\Program Files\Usenet.to --------- 4096  
 25.08.2008 15:09     C:\Program Files\Verimount --------- 0  
 23.08.2008 23:14     C:\Program Files\Veoh Networks --------- 0  
 22.08.2008 20:55     C:\Program Files\Giant --------- 0  
 22.08.2008 13:51     C:\Program Files\Apple Software Update --------- 4096  
 22.08.2008 13:51     C:\Program Files\iTunes --------- 4096  
 22.08.2008 13:50     C:\Program Files\iPod --------- 0  
 22.08.2008 13:50     C:\Program Files\Bonjour --------- 0  
 21.08.2008 07:30     C:\Program Files\RocketDock --------- 4096  
 20.08.2008 22:51     C:\Program Files\MSXML 4.0 --------- 0  
 20.08.2008 21:11     C:\Program Files\HP --------- 4096  
 20.08.2008 21:09     C:\Program Files\Hewlett-Packard --------- 0  
 20.08.2008 20:54     C:\Program Files\Ulead Systems --------- 4096  
 17.08.2008 21:51     C:\Program Files\AVSMedia --------- 0  
 17.08.2008 20:53     C:\Program Files\DVDlab --------- 8192  
 17.08.2008 18:46     C:\Program Files\Nero --------- 0  
 17.08.2008 18:20     C:\Program Files\Movavi VideoSuite 5 --------- 16384  
 17.08.2008 18:11     C:\Program Files\HyCam2 --------- 4096  
 17.08.2008 17:37     C:\Program Files\Internet Explorer --------- 4096  
 17.08.2008 17:37     C:\Program Files\QuickTime --------- 4096  
 17.08.2008 17:20     C:\Program Files\AviSynth 2.5 --------- 0  
 17.08.2008 17:16     C:\Program Files\Converter --------- 0  
 17.08.2008 16:04     C:\Program Files\CamStudio --------- 8192  
 17.08.2008 10:56     C:\Program Files\Windows Live --------- 0  
 14.08.2008 15:16     C:\Program Files\Grewe --------- 0  
 13.08.2008 16:37     C:\Program Files\ZW Net Send Manager (NSM) --------- 4096  
 13.08.2008 15:36     C:\Program Files\Windows Mail --------- 4096  
 10.08.2008 00:14     C:\Program Files\Adobe --------- 4096  
 09.08.2008 22:05     C:\Program Files\OpenOffice.org 2.4 --------- 4096  
 09.08.2008 21:53     C:\Program Files\Softland --------- 0  
 09.08.2008 21:51     C:\Program Files\7-Zip --------- 4096  
 09.08.2008 21:49     C:\Program Files\Recuva --------- 0  
 09.08.2008 21:49     C:\Program Files\SumatraPDF --------- 0  
 08.08.2008 20:31     C:\Program Files\Mozilla Thunderbird --------- 16384  
 08.08.2008 20:16     C:\Program Files\BitTorrent --------- 4096  
 08.08.2008 20:16     C:\Program Files\DNA --------- 0  
 29.07.2008 17:28     C:\Program Files\GRETECH --------- 0  
 29.07.2008 17:28     C:\Program Files\FLV Player --------- 4096  
 29.07.2008 17:28     C:\Program Files\Yahoo --------- 0  
 26.07.2008 14:43     C:\Program Files\GameShadow --------- 4096  
 26.07.2008 14:37     C:\Program Files\Firefly Studios --------- 4096  
 25.07.2008 15:13     C:\Program Files\Maxis --------- 0  
 20.07.2008 17:03     C:\Program Files\Roxio --------- 4096  
 18.07.2008 17:58     C:\Program Files\phase6 --------- 0  
 18.07.2008 12:09     C:\Program Files\Winamp --------- 4096  
 17.07.2008 23:34     C:\Program Files\iDump --------- 0  
 17.07.2008 23:33     C:\Program Files\SlySoft --------- 0  
 17.07.2008 21:50     C:\Program Files\PC-TV --------- 0  
 17.07.2008 21:42     C:\Program Files\Skype --------- 0  
 17.07.2008 20:39     C:\Program Files\VideoLAN --------- 0  
 17.07.2008 20:00     C:\Program Files\Windows NT --------- 4096  
 17.07.2008 20:00     C:\Program Files\Gemeinsame Dateien --------- 0  
 15.07.2008 00:39     C:\Program Files\DellTPad --------- 4096  
 14.07.2008 16:44     C:\Program Files\IDT --------- 0  
 14.07.2008 16:06     C:\Program Files\Citrix --------- 0  
 14.07.2008 16:02     C:\Program Files\CyberLink --------- 0  
 14.07.2008 16:02     C:\Program Files\Dell Video Chat --------- 4096  
 14.07.2008 16:01     C:\Program Files\Microsoft Works --------- 24576  
 14.07.2008 16:00     C:\Program Files\Dell Support Center --------- 4096  
 14.07.2008 15:59     C:\Program Files\Cisco --------- 4096  
 14.07.2008 15:58     C:\Program Files\Intel --------- 0  
 14.07.2008 15:58     C:\Program Files\ATI Technologies --------- 0  
 14.07.2008 15:57     C:\Program Files\Java --------- 4096  
 21.01.2008 04:43     C:\Program Files\desktop.ini --------- 174  
 21.01.2008 04:35     C:\Program Files\Windows Calendar --------- 0  
 21.01.2008 04:35     C:\Program Files\Windows Sidebar --------- 4096  
 21.01.2008 04:35     C:\Program Files\Movie Maker --------- 4096  
 21.01.2008 04:35     C:\Program Files\Windows Media Player --------- 4096  
 21.01.2008 04:35     C:\Program Files\Windows Collaboration --------- 4096  
 21.01.2008 04:35     C:\Program Files\Windows Journal --------- 4096  
 21.01.2008 04:35     C:\Program Files\Windows Photo Gallery --------- 4096  
 21.01.2008 04:35     C:\Program Files\Windows Defender --------- 4096  
 02.11.2006 15:01     C:\Program Files\Uninstall Information --------- 0  
 02.11.2006 14:37     C:\Program Files\Reference Assemblies --------- 0  
 02.11.2006 14:37     C:\Program Files\MSBuild --------- 0  
----------------------------------------

 
C:\ProgramData\.. 

Lukas    
Ersatztadmin.Lukas-PC    
sims{19253c7f-7dda-11dd-83f9-002170717105}.TM.blf    
sims{19253c7f-7dda-11dd-83f9-002170717105}.TMContainer00000000000000000002.regtrans-ms    
sims{19253c7f-7dda-11dd-83f9-002170717105}.TMContainer00000000000000000001.regtrans-ms    
sims    
NETZBE~3.LUK{19253c7b-7dda-11dd-83f9-002170717105}.TMContainer00000000000000000002.regtrans-ms    
NETZBE~3.LUK{19253c7b-7dda-11dd-83f9-002170717105}.TM.blf    
NETZBE~3.LUK{19253c7b-7dda-11dd-83f9-002170717105}.TMContainer00000000000000000001.regtrans-ms    
NETZBE~3.LUK    
sims.LOG1    
NETZBE~3.LUK.LOG1    
NETZBE~3.LUK.LOG2    
sims{2718ee9a-7c61-11dd-8cfc-002170717105}.TM.blf    
sims{2718ee9a-7c61-11dd-8cfc-002170717105}.TMContainer00000000000000000002.regtrans-ms    
sims{2718ee9a-7c61-11dd-8cfc-002170717105}.TMContainer00000000000000000001.regtrans-ms    
NETZBE~2.LUK{2718ee96-7c61-11dd-8cfc-002170717105}.TM.blf    
NETZBE~2.LUK{2718ee96-7c61-11dd-8cfc-002170717105}.TMContainer00000000000000000002.regtrans-ms    
NETZBE~2.LUK{2718ee96-7c61-11dd-8cfc-002170717105}.TMContainer00000000000000000001.regtrans-ms    
NETZBE~2.LUK    
NETZBE~2.LUK.LOG1    
NETZBE~2.LUK.LOG2    
sims{2718ee89-7c61-11dd-8cfc-002170717105}.TM.blf    
sims{2718ee89-7c61-11dd-8cfc-002170717105}.TMContainer00000000000000000002.regtrans-ms    
sims{2718ee89-7c61-11dd-8cfc-002170717105}.TMContainer00000000000000000001.regtrans-ms    
NETZBE~1.LUK{2718ee85-7c61-11dd-8cfc-002170717105}.TM.blf    
NETZBE~1.LUK{2718ee85-7c61-11dd-8cfc-002170717105}.TMContainer00000000000000000002.regtrans-ms    
NETZBE~1.LUK{2718ee85-7c61-11dd-8cfc-002170717105}.TMContainer00000000000000000001.regtrans-ms    
sims.LOG2    
NETZBE~1.LUK    
NETZBE~1.LUK.LOG1    
NETZBE~1.LUK.LOG2    
Public    
All Users    
Default User    
Default    
desktop.ini    
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0         5.876 K
smss.exe                       548 Services                   0           728 K
csrss.exe                      612 Services                   0         5.916 K
wininit.exe                    648 Services                   0         4.204 K
csrss.exe                      656 Console                    1        11.248 K
avgrsx.exe                     668 Services                   0        63.720 K
services.exe                   732 Services                   0         5.416 K
lsass.exe                      744 Services                   0         1.932 K
lsm.exe                        752 Services                   0         4.396 K
winlogon.exe                   872 Console                    1         5.588 K
svchost.exe                    960 Services                   0         6.428 K
svchost.exe                   1020 Services                   0         6.864 K
svchost.exe                   1060 Services                   0        26.704 K
Ati2evxx.exe                  1164 Services                   0         4.064 K
svchost.exe                   1184 Services                   0        68.840 K
svchost.exe                   1200 Services                   0        55.992 K
stacsv.exe                    1236 Services                   0         6.488 K
svchost.exe                   1332 Services                   0         9.812 K
audiodg.exe                   1356 Services                   0        15.732 K
SLsvc.exe                     1444 Services                   0        10.664 K
svchost.exe                   1472 Services                   0        12.812 K
Ati2evxx.exe                  1596 Console                    1         6.564 K
svchost.exe                   1620 Services                   0        19.312 K
WLTRYSVC.EXE                  1836 Services                   0         2.968 K
BCMWLTRY.EXE                  1852 Services                   0        19.828 K
spoolsv.exe                   1912 Services                   0        10.748 K
sched.exe                     1944 Services                   0         1.516 K
svchost.exe                   1964 Services                   0        11.280 K
avguard.exe                    724 Services                   0        11.768 K
IAANTmon.exe                  1316 Services                   0         5.964 K
svchost.exe                   1716 Services                   0         5.196 K
svchost.exe                   1736 Services                   0         8.144 K
svchost.exe                    592 Services                   0         2.312 K
SearchIndexer.exe             2124 Services                   0        18.900 K
dwm.exe                       2652 Console                    1         5.588 K
explorer.exe                  2684 Console                    1        47.340 K
Apoint.exe                    2792 Console                    1         5.840 K
sttray.exe                    2820 Console                    1        11.560 K
IAAnotif.exe                  2840 Console                    1         5.732 K
WLTRAY.EXE                    2848 Console                    1        19.748 K
sprtcmd.exe                   2856 Console                    1           848 K
MOM.exe                       2868 Console                    1         4.440 K
avgnt.exe                     2892 Console                    1         1.852 K
IR_SERVER.exe                 2904 Console                    1         5.220 K
ICQ.exe                       2912 Console                    1        32.152 K
Eraser.exe                    3268 Console                    1         8.316 K
quickset.exe                  3328 Console                    1        10.544 K
TMMonitor.exe                 3372 Console                    1        16.408 K
ApMsgFwd.exe                  3464 Console                    1         2.932 K
hidfind.exe                   3636 Console                    1         3.396 K
ApntEx.exe                    3656 Console                    1         3.748 K
WmiPrvSE.exe                  3776 Services                   0         6.372 K
CCC.exe                       1292 Console                    1         5.400 K
dsc.exe                       3620 Console                    1        10.444 K
firefox.exe                   3336 Console                    1       100.256 K
SearchProtocolHost.exe        2516 Services                   0         8.436 K
cmd.exe                        300 Console                    1         2.160 K
cmd.exe                       2496 Console                    1         2.904 K
tasklist.exe                  1804 Console                    1         4.804 K
SearchFilterHost.exe           728 Services                   0         4.700 K
WmiPrvSE.exe                  2336 Services                   0         6.036 K

 
***** Ende des Scans 19.09.2008 um 14:17:11,07 ***

[Petra]

Bitte die Logfiles immer in Code-Tags setzen.

===== Punkt 1 =====

Ich gehe jetzt mal davon aus, dass Du Antivir behalten möchtest (zumindest würde ich das empfehlen). Neben McAfee (was wir jetzt mal komplett vom System entfernen) ist auch noch AVG vorhanden, das geht nicht.

AVG 8.0 über Systemsteuerung => Software ordentlich deinstallieren.

===== Punkt 2 =====

Dann müssen wir erstmal ein paar Einträge fixen:

Einträge mit HijackThis fixen

Bitte alle Anwendungen inkl. Browser schließen und folgende Einträge mit HJT fixen (falls noch vorhanden):
Starte HijackThis (bei Vista mit Rechtsklick als Adminstrator) => Do a system scan only => mache vor folgenden Zeilen einen Haken klicke und dann "Fix checked":

Code:

  
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKUS\S-1-5-18\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P10 /q c:\users\lukas\appdata\local\temp\{10798~1.SH! c:\users\lukas\appdata\local\temp\WLZAC2B.SH! (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P10 /q c:\users\lukas\appdata\local\temp\{10798~1.SH! c:\users\lukas\appdata\local\temp\WLZAC2B.SH! (User 'Default user')
O15 - Trusted Zone: http://*.mcafee.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

Den Rechner neu starten.

===== Punkt 3 =====

Dienst beenden/löschen:

Für Vista => Im Suchfeld cmd eingeben,
STRG+Shift gedrückt halten und Enter drücken -
dadurch wird das DOS-Fenster im Admin-Modus gestartet.
Nach dem Prompt nacheinander die folgenden Befehle ausführen:
(je eine Zeile aus der Codebox eintippen und Enter drücken).

Code:

sc stop mcmscsvc
sc delete mcmscsvc
sc stop McODS
sc delete McODS
sc stop McShield
sc delete McShield
sc stop McSysmon
sc delete McSysmon
sc stop MpfService
sc delete MpfService
sc stop MSK80Service
sc delete MSK80Service
exit

Wenn nach dem sc stop-Befehl eine Fehlermeldung kommt, ignorieren und den sc delete-Befehl eingeben.
Rechner neu starten.

===== Punkt 4 =====

RSIT erneut das System scannen lassen

• Schließe alle Fenster und Programme inkl. Browser.
• Start
• ausführen
• "%userprofile%\desktop\rsit.exe" /info (reinkopieren),
  damit die alten Logdateien von RSIT überschrieben werden.
• Bitte poste den Inhalt folgender Logs hier in den Thread:
  C:\rsit\log.txt und C:\rsit\info.txt (<= minimiert)

===== Punkt 5 =====

Berichte mir, was der Anlass war, so wild mit Anti-Virus-Programmen um Dich zu schlagen

[conte]

Hallo, hat alles geklappt, bis auf mcshield. 1. fehlermeldung: nicht genug Zugriff
2. bei delete ebenfalls zugriff.

Das mit den antivir tools war so: McAfee vorinstaliert, testversion, Dell... Avira ist halt mein lieblingstool. AVG wollte ich ausprobieren, dann ausm autostart raus, dachte damit seis gegessen.

ich reboot jetzt eben

Code:

Logfile of random's system information tool 1.02 (written by random/random)
Run by Lukas at 2008-09-19 14:59:05
Microsoft® Windows Vista™ Home Premium  Service Pack 1
System drive C: has 64 GB (45%) free of 142 GB
Total RAM: 3069 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:59:21, on 19.09.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Realtek\REALTEK DVB-T USB DEVICE\IR_SERVER.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Dell Support Center\gs_agent\dsc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lukas\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Lukas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4080714
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yodl.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4080714
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer bereitgestellt von Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [IR_SERVER] C:\Program Files\Realtek\REALTEK DVB-T USB DEVICE\IR_SERVER.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra 'Tools' menuitem: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O13 - Gopher Prefix: 
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 7513 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Klick-Wartung.job
C:\Windows\tasks\GoogleUpdateTaskUser.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2007-10-19 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-08-31 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll [2008-08-27 651760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2007-10-19 817936]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-08-13 352256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-08-31 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-03-11 163840]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-03-14 442433]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-03-12 3563520]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-03-11 202544]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"IR_SERVER"=C:\Program Files\Realtek\REALTEK DVB-T USB DEVICE\IR_SERVER.exe [2007-04-16 139264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\Program Files\Mozilla Firefox\
"ICQ"=C:\Program Files\ICQ6\ICQ.exe [2008-08-24 173304]
"Eraser"=C:\Program Files\Eraser\Eraser.exe [2007-12-23 916240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [2008-07-17 89024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-09-08 1235736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-03-11 202544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
C:\Program Files\Eraser\Eraser.exe [2007-12-23 916240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-14 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-04 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\PROGRA~1\ICQ6\ICQ.exe [2008-08-24 173304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mozilla Thunderbird]
C:\Program Files\Mozilla Thunderbird\thunderbird.exe [2008-08-08 8496752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
C:\Program Files\Dell\MediaDirect\PCMService.exe [2008-01-14 132392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files\PDFDrucker\PDFPrintBackend.exe [2005-07-03 71080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SightSpeed]
C:\Program Files\Dell Video Chat\DellVideoChat.exe [2008-02-21 4819256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-05-30 21718312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-08-27 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-07-09 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^IR_SERVER.lnk]
C:\PROGRA~1\PC-TV\WINMAN~1\IR_SER~1.EXE [2007-04-16 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinManager.lnk]
C:\PROGRA~1\PC-TV\WINMAN~1\WINMAN~1.EXE [2007-03-30 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StarOffice 8.lnk]
C:\PROGRA~1\Sun\STAROF~1\program\QUICKS~1.EXE [2005-06-21 122880]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe
TMMonitor.lnk - C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-07-14 10536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fceda4ca-51b2-11dd-8c02-806e6f6e6963}]
shell\AutoRun\command - E:\setup.exe


======File associations======

.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2008-09-19 14:59:05 ----D---- C:\rsit
2008-09-18 21:24:05 ----D---- C:\Users\Lukas\AppData\Roaming\ASCOMP Software
2008-09-18 21:23:58 ----D---- C:\Program Files\ASCOMP Software
2008-09-18 20:55:32 ----D---- C:\Program Files\Trend Micro
2008-09-18 13:40:08 ----D---- C:\Program Files\NeoSmart Technologies
2008-09-17 22:32:24 ----D---- C:\Program Files\Countdown
2008-09-17 22:30:37 ----A---- C:\Windows\system32\Stkit432.dll
2008-09-17 22:30:37 ----A---- C:\Windows\system32\Mfcans32.dll
2008-09-17 22:30:37 ----A---- C:\Windows\system32\Dzip32.dll
2008-09-17 22:30:36 ----A---- C:\Windows\system32\Oc30.dll
2008-09-17 22:30:36 ----A---- C:\Windows\system32\Msvbvm50.dll
2008-09-17 22:30:34 ----D---- C:\Program Files\MinMan
2008-09-17 22:30:29 ----A---- C:\Windows\uninst.exe
2008-09-17 22:30:22 ----D---- C:\WebCD
2008-09-15 20:30:04 ----D---- C:\Program Files\TVAnts
2008-09-15 20:18:23 ----A---- C:\Windows\system32\msimsg.dll
2008-09-15 20:18:23 ----A---- C:\Windows\system32\msihnd.dll
2008-09-15 20:18:23 ----A---- C:\Windows\system32\msiexec.exe
2008-09-15 20:18:22 ----A---- C:\Windows\system32\msi.dll
2008-09-15 20:12:39 ----SHD---- C:\Config.Msi
2008-09-15 19:36:50 ----A---- C:\Windows\system32\XAudio2_1.dll
2008-09-15 19:36:50 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2008-09-15 19:36:49 ----A---- C:\Windows\system32\xactengine3_1.dll
2008-09-15 19:36:49 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2008-09-15 19:36:48 ----A---- C:\Windows\system32\d3dx10_38.dll
2008-09-15 19:36:48 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2008-09-15 19:36:47 ----A---- C:\Windows\system32\XAudio2_0.dll
2008-09-15 19:36:47 ----A---- C:\Windows\system32\D3DX9_38.dll
2008-09-15 19:36:46 ----A---- C:\Windows\system32\xactengine3_0.dll
2008-09-15 19:36:45 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2008-09-15 19:36:45 ----A---- C:\Windows\system32\d3dx10_37.dll
2008-09-15 19:36:45 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2008-09-15 19:36:44 ----A---- C:\Windows\system32\D3DX9_37.dll
2008-09-15 19:36:43 ----A---- C:\Windows\system32\xactengine2_10.dll
2008-09-15 19:36:42 ----A---- C:\Windows\system32\d3dx10_36.dll
2008-09-15 19:36:42 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2008-09-15 19:36:41 ----A---- C:\Windows\system32\d3dx9_36.dll
2008-09-15 19:36:40 ----A---- C:\Windows\system32\xactengine2_9.dll
2008-09-15 19:36:39 ----A---- C:\Windows\system32\d3dx10_35.dll
2008-09-15 19:36:39 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2008-09-15 19:36:38 ----A---- C:\Windows\system32\d3dx9_35.dll
2008-09-15 19:36:37 ----A---- C:\Windows\system32\xactengine2_8.dll
2008-09-15 19:36:37 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2008-09-15 19:36:36 ----A---- C:\Windows\system32\d3dx10_34.dll
2008-09-15 19:36:36 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2008-09-15 19:36:35 ----A---- C:\Windows\system32\xinput1_3.dll
2008-09-15 19:36:35 ----A---- C:\Windows\system32\d3dx9_34.dll
2008-09-15 19:36:34 ----A---- C:\Windows\system32\xactengine2_7.dll
2008-09-15 19:36:33 ----A---- C:\Windows\system32\d3dx10_33.dll
2008-09-15 19:36:33 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2008-09-15 19:36:32 ----A---- C:\Windows\system32\d3dx9_33.dll
2008-09-15 19:36:31 ----A---- C:\Windows\system32\xactengine2_6.dll
2008-09-15 19:36:31 ----A---- C:\Windows\system32\xactengine2_5.dll
2008-09-15 19:36:30 ----A---- C:\Windows\system32\d3dx10.dll
2008-09-15 19:36:29 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-09-15 19:36:28 ----A---- C:\Windows\system32\xactengine2_4.dll
2008-09-15 19:36:28 ----A---- C:\Windows\system32\x3daudio1_1.dll
2008-09-15 19:36:28 ----A---- C:\Windows\system32\d3dx9_31.dll
2008-09-15 19:36:27 ----A---- C:\Windows\system32\xinput1_2.dll
2008-09-15 19:36:27 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-09-15 19:36:26 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-09-15 19:31:03 ----D---- C:\Program Files\Ubisoft
2008-09-13 19:31:10 ----D---- C:\Program Files\ICQ6
2008-09-12 16:47:45 ----D---- C:\Windows\system32\vmm32
2008-09-10 18:37:07 ----D---- C:\Users\Lukas\AppData\Roaming\ArcSoft
2008-09-10 18:36:48 ----D---- C:\Program Files\Common Files\ArcSoft
2008-09-10 18:36:02 ----D---- C:\Program Files\ArcSoft
2008-09-10 18:36:02 ----A---- C:\Windows\system32\unicows.dll
2008-09-10 18:26:18 ----D---- C:\Program Files\Realtek
2008-09-10 18:25:26 ----D---- C:\Users\Lukas\AppData\Roaming\InstallShield
2008-09-10 18:25:03 ----D---- C:\USB_Digital-TV_Receiver
2008-09-10 14:47:58 ----A---- C:\Windows\system32\schedlog.txt
2008-09-10 13:49:15 ----D---- C:\Windows\Cache
2008-09-10 07:41:03 ----HD---- C:\ProgramData\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}
2008-09-10 07:40:53 ----D---- C:\Program Files\Eraser
2008-09-10 03:56:56 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-09-10 03:56:56 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-09-10 03:56:44 ----A---- C:\Windows\system32\wmpeffects.dll
2008-09-10 03:56:43 ----A---- C:\Windows\system32\emdmgmt.dll
2008-09-10 03:56:42 ----A---- C:\Windows\system32\dataclen.dll
2008-09-10 03:56:42 ----A---- C:\Windows\system32\cdd.dll
2008-09-09 21:48:09 ----D---- C:\Program Files\E.M. DVD Copy
2008-09-09 17:33:48 ----D---- C:\Program Files\Common Files\MaierSoft
2008-09-09 17:33:47 ----D---- C:\Program Files\SimilarImages
2008-09-09 16:36:11 ----D---- C:\Program Files\SCi
2008-09-09 13:22:42 ----HD---- C:\$AVG8.VAULT$
2008-09-08 21:35:17 ----A---- C:\Windows\system32\avgrsstx.dll
2008-09-08 18:25:58 ----D---- C:\Users\Lukas\AppData\Roaming\JGoodies
2008-09-08 18:25:32 ----D---- C:\Program Files\JGoodies
2008-09-07 20:52:59 ----D---- C:\Program Files\PDFDrucker
2008-09-07 15:49:44 ----D---- C:\Program Files\FTP Commander
2008-09-07 15:44:23 ----D---- C:\Users\Lukas\AppData\Roaming\ESTsoft
2008-09-07 15:44:23 ----D---- C:\ProgramData\ESTsoft
2008-09-07 15:44:15 ----D---- C:\Program Files\ESTsoft
2008-09-07 15:30:21 ----D---- C:\Program Files\MSA
2008-09-07 15:30:19 ----D---- C:\Program Files\PCHealthCenter
2008-09-07 15:26:01 ----D---- C:\Users\Lukas\AppData\Roaming\SmartFTP
2008-09-07 15:25:27 ----D---- C:\Program Files\SmartFTP Client
2008-09-07 15:24:54 ----D---- C:\Program Files\SmartFTP Client 3.0 Setup Files
2008-09-07 15:20:11 ----D---- C:\Program Files\WinSCP
2008-09-07 14:30:10 ----D---- C:\Users\Lukas\AppData\Roaming\FileZilla
2008-09-07 14:29:50 ----D---- C:\Program Files\FileZilla FTP Client
2008-09-07 12:52:39 ----A---- C:\Windows\system32\MPFServiceFailureCount.txt
2008-09-07 00:59:04 ----D---- C:\ProgramData\Avg8
2008-09-07 00:37:54 ----HD---- C:\Windows\Icons
2008-09-07 00:23:02 ----D---- C:\ProgramData\Avira
2008-09-07 00:23:02 ----D---- C:\Program Files\Avira
2008-09-05 21:15:55 ----D---- C:\Downloads
2008-09-03 14:01:40 ----D---- C:\Program Files\Smart Projects
2008-09-03 13:42:25 ----D---- C:\Users\Lukas\AppData\Roaming\InfraRecorder
2008-09-03 13:42:18 ----D---- C:\Program Files\InfraRecorder
2008-09-03 13:39:43 ----A---- C:\Windows\ODBC.INI
2008-09-03 13:39:35 ----A---- C:\Windows\system32\mdimon.dll
2008-09-03 13:34:35 ----D---- C:\Program Files\Common Files\DESIGNER
2008-09-03 13:33:11 ----D---- C:\Program Files\Microsoft.NET
2008-09-03 13:29:23 ----RHD---- C:\MSOCache
2008-09-02 22:09:49 ----D---- C:\Users\Lukas\AppData\Roaming\StarOffice8
2008-09-02 21:50:28 ----D---- C:\Program Files\MP3Gain
2008-09-02 21:34:10 ----D---- C:\Program Files\Sun
2008-09-02 21:16:51 ----D---- C:\Users\Lukas\AppData\Roaming\PPLive
2008-09-02 21:15:48 ----D---- C:\Program Files\PPLive
2008-09-01 16:34:44 ----A---- C:\Windows\system32\ShellManager310E2D762.dll
2008-09-01 16:14:27 ----D---- C:\ubuntu-backup
2008-08-31 18:27:18 ----D---- C:\Program Files\HWiNFO32
2008-08-31 18:17:59 ----D---- C:\Program Files\Acon Digital Media
2008-08-31 18:02:36 ----D---- C:\Program Files\FolderSize
2008-08-31 16:23:03 ----D---- C:\Program Files\AVG
2008-08-29 21:51:21 ----A---- C:\Bild-de BildschirmschonerTrace.txt
2008-08-29 21:51:05 ----D---- C:\Windows\system32\Bild-de Bildschirmschoner dir
2008-08-28 22:48:59 ----A---- C:\Windows\Carry_It_Easy-v1.6.1.7.INI
2008-08-27 21:26:43 ----D---- C:\ProgramData\Google Updater
2008-08-25 17:07:38 ----D---- C:\Users\Lukas\AppData\Roaming\DivX
2008-08-25 16:21:20 ----D---- C:\Users\Lukas\AppData\Roaming\UseNeXT
2008-08-25 16:21:17 ----D---- C:\Program Files\Usenet.to
2008-08-25 15:09:18 ----D---- C:\Users\Lukas\AppData\Roaming\Verimount
2008-08-25 15:09:06 ----D---- C:\Program Files\Verimount
2008-08-23 23:52:42 ----D---- C:\Program Files\DivX
2008-08-23 23:14:01 ----D---- C:\Program Files\Veoh Networks
2008-08-22 23:44:16 ----D---- C:\Windows\Minidump
2008-08-22 23:43:21 ----A---- C:\Windows\ntbtlog.txt
2008-08-22 20:55:40 ----D---- C:\Program Files\Giant
2008-08-22 13:51:38 ----D---- C:\Program Files\Apple Software Update
2008-08-22 13:51:19 ----D---- C:\Users\Lukas\AppData\Roaming\Apple Computer
2008-08-22 13:50:49 ----D---- C:\Program Files\iPod
2008-08-22 13:50:46 ----D---- C:\Program Files\iTunes
2008-08-22 13:50:34 ----D---- C:\Program Files\Bonjour
2008-08-22 13:49:20 ----D---- C:\Program Files\Common Files\Apple
2008-08-21 21:26:51 ----A---- C:\Windows\system32\bosskey.ini
2008-08-21 10:05:17 ----A---- C:\Windows\system32\wups2.dll
2008-08-21 10:05:17 ----A---- C:\Windows\system32\wucltux.dll
2008-08-21 10:05:17 ----A---- C:\Windows\system32\wuaueng.dll
2008-08-21 10:05:17 ----A---- C:\Windows\system32\wuauclt.exe
2008-08-21 10:04:48 ----A---- C:\Windows\system32\wups.dll
2008-08-21 10:04:48 ----A---- C:\Windows\system32\wudriver.dll
2008-08-21 10:04:48 ----A---- C:\Windows\system32\wuapi.dll
2008-08-21 10:04:37 ----A---- C:\Windows\system32\wuwebv.dll
2008-08-21 10:04:37 ----A---- C:\Windows\system32\wuapp.exe
2008-08-21 07:30:35 ----D---- C:\Program Files\RocketDock
2008-08-20 22:51:53 ----D---- C:\Program Files\MSXML 4.0
2008-08-20 21:26:50 ----D---- C:\Users\Lukas\AppData\Roaming\Printer Info Cache
2008-08-20 21:26:50 ----D---- C:\Users\Lukas\AppData\Roaming\Image Zone Express
2008-08-20 21:12:34 ----D---- C:\Users\Lukas\AppData\Roaming\HP
2008-08-20 21:12:34 ----D---- C:\ProgramData\WEBREG
2008-08-20 21:11:42 ----D---- C:\ProgramData\HPSSUPPLY
2008-08-20 21:09:12 ----D---- C:\Program Files\Hewlett-Packard
2008-08-20 21:09:12 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-08-20 21:08:53 ----D---- C:\Program Files\Common Files\HP
2008-08-20 20:52:32 ----D---- C:\Program Files\HP
2008-08-20 20:48:03 ----D---- C:\ProgramData\HP
2008-08-20 20:47:59 ----A---- C:\Windows\system32\hpzids01.dll
2008-08-20 20:47:58 ----A---- C:\Windows\system32\hpovst01.dll
2008-08-20 20:47:58 ----A---- C:\Windows\system32\hpotscl1.dll

======List of files/folders modified in the last 1 months======

2008-09-19 14:59:21 ----D---- C:\Windows\Temp
2008-09-19 14:57:09 ----D---- C:\Windows\System32
2008-09-19 14:57:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-09-19 14:57:08 ----D---- C:\Windows\inf
2008-09-19 14:56:37 ----D---- C:\Program Files\Mozilla Firefox
2008-09-19 14:47:54 ----SHD---- C:\System Volume Information
2008-09-19 14:35:11 ----SD---- C:\Users\Lukas\AppData\Roaming\Microsoft
2008-09-19 14:35:10 ----D---- C:\Windows\system32\drivers
2008-09-19 14:35:10 ----AD---- C:\Windows
2008-09-19 14:35:00 ----RD---- C:\Users
2008-09-19 14:35:00 ----HD---- C:\ProgramData
2008-09-18 21:23:58 ----RD---- C:\Program Files
2008-09-18 00:02:04 ----D---- C:\Windows\system32\catroot2
2008-09-16 14:51:59 ----D---- C:\Windows\Prefetch
2008-09-16 07:39:09 ----D---- C:\Windows\registration
2008-09-15 21:43:41 ----D---- C:\Windows\system32\uk-UA
2008-09-15 21:43:41 ----D---- C:\Windows\system32\tr-TR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\th-TH
2008-09-15 21:43:41 ----D---- C:\Windows\system32\sv-SE
2008-09-15 21:43:41 ----D---- C:\Windows\system32\sr-Latn-CS
2008-09-15 21:43:41 ----D---- C:\Windows\system32\sl-SI
2008-09-15 21:43:41 ----D---- C:\Windows\system32\pt-PT
2008-09-15 21:43:41 ----D---- C:\Windows\system32\pt-BR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\pl-PL
2008-09-15 21:43:41 ----D---- C:\Windows\system32\nl-NL
2008-09-15 21:43:41 ----D---- C:\Windows\system32\ko-KR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\it-IT
2008-09-15 21:43:41 ----D---- C:\Windows\system32\hu-HU
2008-09-15 21:43:41 ----D---- C:\Windows\system32\hr-HR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\he-IL
2008-09-15 21:43:41 ----D---- C:\Windows\system32\fr-FR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\fi-FI
2008-09-15 21:43:41 ----D---- C:\Windows\system32\es-ES
2008-09-15 21:43:41 ----D---- C:\Windows\system32\el-GR
2008-09-15 21:43:41 ----D---- C:\Windows\system32\bg-BG
2008-09-15 21:43:40 ----D---- C:\Windows\system32\zh-TW
2008-09-15 21:43:40 ----D---- C:\Windows\system32\zh-CN
2008-09-15 21:43:40 ----D---- C:\Windows\system32\sk-SK
2008-09-15 21:43:40 ----D---- C:\Windows\system32\ru-RU
2008-09-15 21:43:40 ----D---- C:\Windows\system32\ro-RO
2008-09-15 21:43:40 ----D---- C:\Windows\system32\nb-NO
2008-09-15 21:43:40 ----D---- C:\Windows\system32\lv-LV
2008-09-15 21:43:40 ----D---- C:\Windows\system32\lt-LT
2008-09-15 21:43:40 ----D---- C:\Windows\system32\ja-JP
2008-09-15 21:43:40 ----D---- C:\Windows\system32\et-EE
2008-09-15 21:43:40 ----D---- C:\Windows\system32\en-US
2008-09-15 21:43:40 ----D---- C:\Windows\system32\de-DE
2008-09-15 21:43:40 ----D---- C:\Windows\system32\da-DK
2008-09-15 21:43:40 ----D---- C:\Windows\system32\cs-CZ
2008-09-15 21:43:40 ----D---- C:\Windows\system32\ar-SA
2008-09-15 20:20:09 ----D---- C:\Windows\winsxs
2008-09-15 20:19:47 ----D---- C:\Windows\system32\catroot
2008-09-15 20:13:59 ----SHD---- C:\Windows\Installer
2008-09-15 20:13:34 ----D---- C:\Program Files\TuneUp Utilities 2008
2008-09-15 19:36:25 ----RSD---- C:\Windows\assembly
2008-09-15 19:35:00 ----D---- C:\Windows\Logs
2008-09-15 19:32:58 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-13 19:05:06 ----D---- C:\Windows\pss
2008-09-13 00:07:58 ----D---- C:\Users\Lukas\AppData\Roaming\skypePM
2008-09-12 23:57:55 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2008-09-12 18:15:51 ----D---- C:\Windows\Tasks
2008-09-12 18:13:02 ----D---- C:\Windows\system32\Tasks
2008-09-12 16:49:36 ----D---- C:\DELL
2008-09-12 16:47:45 ----D---- C:\Program Files\Dell
2008-09-12 15:53:26 ----D---- C:\Windows\system32\wbem
2008-09-12 15:52:31 ----D---- C:\Windows\system32\config
2008-09-12 15:52:21 ----D---- C:\Windows\system32\spool
2008-09-10 18:36:48 ----D---- C:\Program Files\Common Files
2008-09-10 18:35:56 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-10 07:01:19 ----D---- C:\Windows\AppPatch
2008-09-09 16:50:12 ----D---- C:\Program Files\Microsoft Games
2008-09-09 14:37:27 ----SD---- C:\ProgramData\Microsoft
2008-09-08 16:22:52 ----D---- C:\Users\Lukas\AppData\Roaming\ICQ
2008-09-07 15:35:34 ----HD---- C:\Windows\system32\GroupPolicy
2008-09-07 12:54:22 ----D---- C:\Program Files\sfg
2008-09-05 23:19:00 ----RSD---- C:\Windows\Fonts
2008-09-05 03:02:15 ----D---- C:\Program Files\Common Files\microsoft shared
2008-09-04 21:26:19 ----A---- C:\Windows\ulead32.ini
2008-09-03 13:36:30 ----D---- C:\Windows\ShellNew
2008-09-03 13:34:42 ----D---- C:\Program Files\Microsoft Office
2008-09-03 13:29:34 ----D---- C:\Windows\system
2008-09-01 16:36:28 ----D---- C:\Program Files\Common Files\Nero
2008-09-01 16:36:26 ----D---- C:\ProgramData\Nero
2008-09-01 16:33:56 ----A---- C:\Windows\system32\MsiExec.exe.log
2008-09-01 16:16:33 ----D---- C:\Program Files\EA Sports
2008-08-31 20:02:52 ----A---- C:\Windows\NeroDigital.ini
2008-08-31 18:02:04 ----D---- C:\Program Files\Google
2008-08-31 17:22:00 ----D---- C:\Users\Lukas\AppData\Roaming\OpenOffice.org2
2008-08-27 22:34:24 ----A---- C:\Windows\win.ini
2008-08-27 22:33:18 ----D---- C:\Windows\twain_32
2008-08-27 21:29:39 ----D---- C:\Users\Lukas\AppData\Roaming\Google
2008-08-26 22:28:12 ----A---- C:\Windows\system32\mrt.exe
2008-08-25 19:49:12 ----D---- C:\Users\Lukas\AppData\Roaming\BitTorrent
2008-08-23 23:53:06 ----D---- C:\Program Files\Common Files\PX Storage Engine
2008-08-23 23:13:36 ----D---- C:\Windows\Downloaded Installations
2008-08-23 11:19:22 ----H---- C:\Windows\sysmf4.dll
2008-08-22 22:38:33 ----D---- C:\Windows\rescache
2008-08-22 20:54:54 ----D---- C:\Program Files\Common Files\InstallShield
2008-08-22 13:50:46 ----D---- C:\ProgramData\Apple Computer
2008-08-22 03:05:47 ----SHD---- C:\Boot
2008-08-21 18:03:12 ----A---- C:\crashAddress.txt
2008-08-20 20:54:11 ----D---- C:\Program Files\Ulead Systems

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-09-08 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-09-08 26824]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2008-07-16 24392]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R2 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS [2008-07-22 15976]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-03-11 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-03-11 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2008-03-11 38400]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-07-16 99648]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-03-11 164400]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-05-04 3548672]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-03-12 18424]
R3 BCM43XX;Treiber für Dell Wireless WLAN Karte; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-03-12 1205240]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 Dot4;MS IEEE-1284.4-Treiber; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
R3 Dot4Print;Druckerklassentreiber für IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-03-11 203264]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-03-14 374784]
R3 StillCam;Treiber für serielle Digitalkamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
R3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 AvgWfpX;AVG8 Firewall Driver x86; C:\Windows\System32\Drivers\avgwfpx.sys [2008-09-08 69128]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys []
S3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2007-11-22 79304]
S3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2007-11-22 35240]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2007-12-02 40488]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-05-04 3548672]
S3 RTL2831UBDA;REALTEK 2831U BDA Driver; C:\Windows\system32\drivers\RTL2831UBDA.sys [2007-04-13 62720]
S3 RTL2831UUSB;REALTEK 2831U USB Driver; C:\Windows\System32\Drivers\RTL2831UUSB.sys [2007-04-13 24064]
S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088]
S3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2008-01-21 251904]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Planer; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-09-07 149761]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-05-04 667648]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\STacSV.exe [2008-03-14 221239]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-03-12 24064]
S2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe []
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe []
S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\aestsrv.exe [2008-03-14 73728]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
S4 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-08 875288]
S4 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-08 231704]
S4 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
S4 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2006-08-11 200704]
S4 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2007-11-14 131072]
S4 GoogleDesktopManager-010708-104812;Google Desktop Manager 5.7.801.7324; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-14 29744]
S4 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [2008-07-14 16680]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-27 137200]
S4 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
S4 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
S4 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
S4 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-03-11 202544]
S4 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-12-02 74384]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-03-13 49152]

-----------------EOF-----------------

Code:

info.txt logfile of random's system information tool 1.02 2008-09-19 14:59:27

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
3GP Movie Studio 1.0.1-->"C:\Program Files\Acon Digital Media\3GP Movie Studio\unins000.exe"
50 FREE MP3s +1 Free Audiobook!-->"C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe"
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81200000003}
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
Age of Empires III Trial-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C83F2952-4678-4F00-AB05-776658A8D0AE} 
ALFTP-->"C:\Program Files\ESTsoft\ALFTP\unins000.exe"
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft TotalMedia 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14172CB3-0AA7-4276-8C74-8C0441336047}\Setup.exe" -l0x7 
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x7 
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Common Files\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Tools 5.6-->"C:\Program Files\AVSMedia\VideoTools\unins000.exe"
Bild-de Bildschirmschoner Bildschirmschoner-->C:\Windows\system32\Bild-de Bildschirmschoner.scr /u
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
CamStudio-->C:\Program Files\CamStudio\uninstall.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5}
Cisco EAP-FAST Module-->MsiExec.exe /I{6D3963B0-E13B-4FC3-B0FF-506A304BB043}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Compatibility Pack für 2007 Office System-->MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE}
Converter-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Converter\ST6UNST.LOG"  
Countdown Anytime-->C:\Programme\Countdown\SXUNINST.EXE
Dell Handbuch zum Einstieg-->MsiExec.exe /I{FD023F61-65E9-465C-B558-7C64EB2B97E6}
Dell Resource CD-->MsiExec.exe /X{42929F0F-CE14-47AF-9FC7-FF297A603021}
Dell Support Center-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
Dell Video Chat (remove only)-->C:\Program Files\Dell Video Chat\uninst.exe
Desert Storm-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FB2CE8C-E86C-4368-B3C9-F472898F926E}\Setup.exe" -l0x7 
Die Siedler - Aufbruch der Kulturen-->"C:\Program Files\Ubisoft\Die Siedler - Aufbruch der Kulturen\uninstall.exe"
Die Sims - Megastar-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A7F8DF6-5A3E-4CDF-BC82-BE26B407E21B}\Setup.exe"  -l0007
Dienstprogramm für Dell Wireless WLAN Karte-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
DigitalTV-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C19DBE5E-712E-4F02-8380-ECEDD951B374}\setup.exe" -l0x7 
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
doPDF 6.1  printer-->"C:\Program Files\Softland\doPDF 6\unins000.exe"
DVD-lab 1.3.1-->"C:\Program Files\DVDlab\unins000.exe"
E.M. DVD Copy 2.30-->"C:\Program Files\E.M. DVD Copy\unins000.exe"
EasyBCD 1.7.2-->C:\Program Files\NeoSmart Technologies\EasyBCD\uninstall.exe
EDocs-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}\setup.exe" 
Eraser-->"C:\ProgramData\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}\EraserSetup32.exe" REMOVE=TRUE MODIFY=FALSE
Eraser-->C:\ProgramData\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}\EraserSetup32.exe
FIFA 08-->MsiExec.exe /X{0A2A5039-B37F-489D-B1DC-A5258DF9E697}
Firstload Ikarus-->C:\Program Files\Verimount\FirstloadIkarus\Uninstall.exe
FLV Player 2.0, build 24-->C:\Program Files\FLV Player\uninst.exe
Folder Size for Windows-->MsiExec.exe /I{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}
FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
FTP Commander-->C:\Program Files\FTP Commander\uninstall.exe
FUSSBALL MANAGER 07-->C:\Program Files\EA SPORTS\FUSSBALL MANAGER 07\EAUninstall.exe
GameShadow-->MsiExec.exe /I{5A2F371F-8B5D-46B4-833C-0612B065BEC7}
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth Pro-->MsiExec.exe /X{14630FF9-172D-4F71-85D2-E565FF92B2A5}
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Gears-->MsiExec.exe /I{552171BC-30F8-3B29-9C4F-E3FE590B7CAC}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
GoToAssist 8.0.0.514-->C:\Program Files\Citrix\GoToAssist\514\G2AUninstaller.exe /uninstall
Grewe Scanner-Interface 3.0-->"C:\Program Files\Grewe\Scanner-Interface\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 8.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B-->C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
HWiNFO32 Version 2.20-->"C:\Program Files\HWiNFO32\unins000.exe"
HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"
ICQ6-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
iDump (Backing up your iPod)-->C:\Program Files\iDump\uninstall.exe
InfraRecorder-->C:\Program Files\InfraRecorder\uninstall.exe
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
IsoBuster 2.4-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
ITECIR Driver-->C:\Program Files\InstallShield Installation Information\{FCED9B62-34FF-4C15-8A23-F65221F7874D}\setup.exe -runfromtemp -l0x0007 -removeonly
iTunes-->MsiExec.exe /I{3DE0053C-FD9A-483E-B7C9-B06E4392206E}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
JGoodies JDiskReport 1.3.1-->"C:\Program Files\JGoodies\JDiskReport 1.3.1\uninstall.exe"
LEGO Star Wars-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{E914A24F-2412-4374-B420-86D21D6D444A} 
MediaDirect-->C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\setup.exe -runfromtemp -l0x0007 -cluninstall
Microsoft Office PowerPoint Viewer 2007 (German)-->MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{39D0E034-1042-4905-BECB-5502909FCB7C}
MinuteMan-->C:\Windows\uninst.exe -f"C:\Program Files\MinMan\DeIsL1.isu"  -c"C:\Program Files\MinMan\_ISREG32.DLL"
Movavi VideoSuite 5-->MsiExec.exe /I{7BE667F1-6643-4469-A830-6C360B1A036F}
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.16)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OpenOffice.org 2.4-->MsiExec.exe /I{CCD90636-D97D-4130-A44A-3AD4E63B9220}
PDFDrucker sponsored by ebuero-->"C:\Program Files\PDFDrucker\unins000.exe"
phase6_19-->MsiExec.exe /X{65D70656-D248-4C83-B594-E3029C43B37A}
PPLive 1.9-->C:\Program Files\PPLive\uninst.exe
QuickSet-->MsiExec.exe /I{C4972073-2BFE-475D-8441-564EA97DA161}
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
REALTEK DVB-T USB DEVICE-->C:\Program Files\InstallShield Installation Information\{19EEBA23-580F-442A-9D53-D2B874630EEA}\setup.exe -runfromtemp -l0x0007 -removeonly
Recuva (remove only)-->"G:\Recuva\uninst.exe"
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
Roxio Creator Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Creator Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Creator Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Creator DE-->C:\ProgramData\Uninstall\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}\setup.exe /x {09760D42-E223-42AD-8C3E-55B47D0DDAC3}
Roxio Creator DE-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Creator Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Secure Eraser v2.2-->"C:\Program Files\ASCOMP Software\Secure Eraser\unins000.exe"
SimilarImages-->"C:\Program Files\SimilarImages\Uninstall.exe"
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartFTP Client 3.0 Setup Files (remove only)-->C:\Program Files\SmartFTP Client 3.0 Setup Files\uninst-sftp.exe
StarOffice 8-->MsiExec.exe /I{9FE15B75-8AD9-4A6F-A57A-7E7C03C4CBEB}
Stronghold Crusader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C3727F2-8E37-49E4-820C-03B1677F53B6}\Setup.exe" 
Stronghold Legends-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66A405D2-BA14-4594-BF36-B3B544F0754E}\setup.exe" -l0x7  -removeonly
Sumatra PDF reader-->"C:\Program Files\SumatraPDF\uninstall.exe"
The Italian Job-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B58561BB-0425-458C-B9C4-44618814BA70}\Setup.exe" -l0x7 
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
Ulead DVD MovieFactory 6 TBYB-->C:\Program Files\InstallShield Installation Information\{CCC4E428-411E-4605-B515-317D50ABD477}\setup.exe -runfromtemp -l0x0407
Ulead DVD Player 2.0 Trial-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E5C13A44-7C32-4CBB-B318-518B54F834C5}\setup.exe" -l0x7 
Ulead FilmBrennerei 4.0 Deluxe Testversion-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{448AB2CB-C94A-47DE-80B8-9D7824DEFA57}\setup.exe" -l0x7 
Usenet.to-->"C:\Program Files\Usenet.to\unins000.exe"
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live installer-->MsiExec.exe /X{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}
Windows Live Messenger-->MsiExec.exe /X{2B091530-69AA-442E-AB09-39ED06B58220}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinSCP 4.1.6-->"C:\Program Files\WinSCP\unins000.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
ZW Net Send Manager (NSM) 2.0-->"C:\Program Files\ZW Net Send Manager (NSM)\unins000.exe"

======Security center information======

AV: AVG Anti-Virus
AS: AVG Anti-Virus (disabled)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Smart Projects\IsoBuster
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

[Petra]

Hallo Conte,

===== Punkt 1 =====

AVG 8.0 steht immer noch in der Uninstall-Liste, hast Du es nicht deinstalliert?

===== Punkt 2 =====

Da sind noch einige Dienste und Treiber mehr, die wir beenden und löschen müssen, versuche es nochmal so:

Dienst beenden/löschen:

Für Vista => Im Suchfeld cmd eingeben,
STRG+Shift gedrückt halten und Enter drücken -
dadurch wird das DOS-Fenster im Admin-Modus gestartet.
Nach dem Prompt nacheinander die folgenden Befehle ausführen:
(je eine Zeile aus der Codebox eintippen und Enter drücken).

Code:

sc stop mfehidk
sc delete mfehidk
sc stop mfeavfk
sc delete mfeavfk
sc stop mfebopk
sc delete mfebopk
sc stop mferkdk
sc delete mferkdk
sc stop mfesmfk
sc delete mfesmfk
sc stop avg8emc
sc delete avg8emc
sc stop avg8wd
sc delete avg8wd
sc stop McShield
sc delete McShield
sc stop McNASvc
sc delete McNASvc
sc stop McProxy
sc delete McProxy
exit

Wenn nach dem sc stop-Befehl eine Fehlermeldung kommt, ignorieren und den sc delete-Befehl eingeben.
Rechner neu starten. Sage Bescheid, wenn das so nicht klappt, dann benutzen wir ein Tool dafür.

===== Punkt 3 =====

Dann noch eine Frage, Du hast jede Menge Prozesse über msconfig oder ein ähnliches Tool aus dem Systemstart genommen, sollen wir die mal ganz rausnehmen?

[conte]

Ja, die deinste hab ich runtergeworfen, und das andere mitr msconfig auch, kannst du mir empfehlen, welche runter können, da ich sie nur auf gut glück rausgenommen hab.

grüßle

P.S. beim McShield kommt immer Fehler5 Zugriff verweigert trotz adminrechte und als admin ausgeführt

[Petra]

ok, dann nehmen wir den Avenger.

Avenger

Lade den Avenger herunter und entzippe ihn auf den Desktop. Nicht gezippt direkt als EXE ist der Avenger hier erhältlich.

Starte die avenger.exe durch Doppelklick (Vista-User per Rechtsklick und "als Administrator starten") und akzeptiere mit OK die Nutzungsbedingungen. Mache einen Haken bei "Scan for rootkits". Füge den Inhalt der folgenden Codebox vollständig und unverändert bei "Input script here" ein und klicke auf "Execute". Beantworte die Frage, ob Du sicher bist, dass das Skript ausgeführt werden soll mit "Ja".

Code:

Drivers to delete:
mfehidk
mfeavfk
mfebopk
mferkdk
mfesmfk
avg8emc
avg8wd
McShield
McNASvc
McProxy

Registry keys to delete:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mozilla Thunderbird
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SightSpeed
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^IR_SERVER.lnk
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinManager.lnk
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StarOffice 8.lnk

Beantworte die Frage zum Neustart des Rechners (Reboot now?) ebenfalls mit "Ja". Nachdem der Rechner neu gestartet ist und das DOS-Fenster, das der Avenger geöffnet hat, wieder geschlossen ist, öffnet Avenger Deinen Editor mit dem Avengerlog, zu finden auch unter C:\avenger.txt. Den Inhalt bitte posten. Ein Backup der entfernten Objekte wurde als C:\avenger\backup.zip angelegt.