Rootkit vs. AVG/Antivir

Dieses Thema im Forum "Viren, Würmer, Spyware" wurde erstellt von Cpt. Puff, 20.01.2010.

  1. #1 Cpt. Puff, 20.01.2010
    Cpt. Puff

    Cpt. Puff Neuer Benutzer

    Dabei seit:
    20.01.2010
    Beiträge:
    7
    Zustimmungen:
    0
    Hallo:)

    Ich habe ein Problem mit einem Rootkit,wäre nett wenn ihr mir helfen könntet:)

    Also folgendes Problem,ich scanne meinen laptop mit avira-->keine Meldungen

    dann hab ich ihn mit AVG 8.5 gescannt und dann kam folgendes Ergebnis:

    AVG hat nen versteckten Treiber gefunden der heißt "a9ht46mm.sys"

    und befindet sich im Pfad "C:\windows\system32\drivers"

    Beim Versuch es zu löschen wurde mir gesagt das der Treiber mit einer Rootkit-Technik versteckt wurde und zu löschen ginge er nicht.

    Nun meine Fragen,ist es ein Rootkit?Wenn ja, wie werde ich es wieder los?

    Ich habe meinen Hijackthis-file angefügt,ich hoffe er hilft euch ;)



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:07:09, on 20.01.2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
    C:\Bennis\GRISOFT\AVG Anti-Rootkit Free\avgarkt.exe
    C:\Bennis\GRISOFT\AVG Anti-Rootkit Free\jVSe.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Windows\system32\sdclt.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\AVG\AVG8\avgscanx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Bennis\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Choose your country
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Club VAIO | Choose your country
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Choose your country
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Bennis\ICQ6.5\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Bennis\ICQ6.5\ICQ.exe
    O13 - Gopher Prefix:
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll
    O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
    O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
    O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
    O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 10520 bytes

    Ich danke euch jetz schonmal für eure Bemühungen :)
     
  2. AdMan

    schau mal hier: Windows-Wartungs-Tool. Viele Probleme lassen sich damit einfach beheben. Oftmals ist der PC dann auch schneller!
    Registrieren bzw. einloggen, um diese und auch andere Anzeigen zu deaktivieren.
  3. #2 Leonixx, 21.01.2010
    Leonixx

    Leonixx
    Moderator

    Dabei seit:
    17.10.2007
    Beiträge:
    18.903
    Zustimmungen:
    0
    Ort:
    NIX DO
    Hi und Willkommen,

    komisch finde ich dies hier.

    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe

    AVG scannt nach Rootkits. Diese können aber auch u.U. Microsoft Original Dateien sein, die ein Rootkitverhalten aufzeigen und deshalb als Rootkit erkannt werden.

    Um sicherer zu gehen solltest du RSIT anwenden. Bitte beide Logfiles als Dateianhang in deiner Antwort posten. RSIT mit Anleitung findest du in meiner Signatur.
     
  4. #3 Cpt. Puff, 21.01.2010
    Cpt. Puff

    Cpt. Puff Neuer Benutzer

    Dabei seit:
    20.01.2010
    Beiträge:
    7
    Zustimmungen:
    0
    So also der 1.Teil meines Logfiles:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Benni at 2010-01-21 17:22:46
    Microsoft® Windows Vista™ Home Premium Service Pack 2
    System drive C: has 117 GB (65%) free of 180 GB
    Total RAM: 3070 MB (52% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:23:43, on 21.01.2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\Benni\Desktop\RSIT.exe
    C:\Bennis\Trend Micro\HijackThis\Benni.exe
    C:\Windows\system32\sdclt.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Choose your country
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Club VAIO | Choose your country
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Choose your country
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Bennis\ICQ6.5\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Bennis\ICQ6.5\ICQ.exe
    O13 - Gopher Prefix:
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll
    O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
    O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
    O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
    O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 10417 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2010-01-20 1111320]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
    CBrowserHelperObject Object - C:\PROGRA~1\GOOGLE~1\BAE.dll [2006-06-23 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-08-25 4669440]
    "ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-09-19 311296]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-02-12 174872]
    "AppMon Utility"=C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe [2007-09-20 542560]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "NvSvc"=C:\Windows\system32\nvsvc.dll [2009-05-26 92704]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-05-26 8530464]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-05-26 88608]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-01-20 2043160]
    "AVGIDS"=C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe [2009-07-22 1600008]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-11-21 1838592]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MarketingTools]
    C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [2007-11-21 36864]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhonostarTimer]
    C:\bennis\phonostar\ps_timer.exe [2009-05-13 126976]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
    C:\Program Files\Picasa2\PicasaMediaDetector.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
    C:\Windows\Skytel.exe [2007-08-25 1826816]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-31 149280]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
    C:\Program Files\SweetIM\Messenger\SweetIM.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-10 835584]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-08-28 739880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
    C:\Windows\system32\VESWinlogon.dll [2007-08-14 98304]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{02c63272-d440-11dd-ad0f-001a80f9ba2d}]
    shell\AutoRun\command - H:\Setup\rsrc\autorun.exe
    shell\dinstall\command - H:\Directx\dxsetup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19886047-37b5-11de-8b7b-001a80f9ba2d}]
    shell\AutoRun\command - Run.exe
    shell\open\command - Run.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5192640b-b297-11dd-930b-001a80f9ba2d}]
    shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe VERMEULEN.vbs

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c237e0b3-c3c6-11dd-b592-001a80f9ba2d}]
    shell\AutoRun\command - G:\FalloutLauncher.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d17d2774-31c9-11de-8b33-001a80f9ba2d}]
    shell\AutoRun\command - H:\autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0745d63-9138-11dd-ab44-001a80f9ba2d}]
    shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MAXXX.vbs


    ======List of files/folders created in the last 2 months======

    2010-01-21 17:22:46 ----D---- C:\rsit
    2010-01-20 20:41:27 ----HD---- C:\$AVG8.VAULT$
    2010-01-20 16:49:24 ----D---- C:\ProgramData\Downloaded Installations
    2010-01-20 16:48:31 ----A---- C:\Windows\system32\avgrsstx.dll
    2010-01-20 16:47:40 ----D---- C:\Program Files\AVG
    2010-01-20 16:47:38 ----D---- C:\ProgramData\avg8
    2010-01-20 16:38:05 ----D---- C:\ProgramData\Panda Security
    2010-01-19 20:15:45 ----A---- C:\installer_debug.txt
    2010-01-19 20:09:32 ----HD---- C:\Program Files\Zero G Registry
    2010-01-19 20:05:41 ----D---- C:\IA_Installers
    2010-01-13 17:18:18 ----A---- C:\Windows\system32\t2embed.dll
    2010-01-13 17:18:18 ----A---- C:\Windows\system32\fontsub.dll
    2009-12-11 15:52:44 ----A---- C:\Windows\system32\nshhttp.dll
    2009-12-11 15:52:42 ----A---- C:\Windows\system32\httpapi.dll
    2009-12-09 17:19:21 ----A---- C:\Windows\system32\wininet.dll
    2009-12-09 17:19:20 ----A---- C:\Windows\system32\mshtml.dll
    2009-12-09 17:19:19 ----A---- C:\Windows\system32\urlmon.dll
    2009-12-09 17:19:16 ----A---- C:\Windows\system32\ieframe.dll
    2009-12-09 17:19:14 ----A---- C:\Windows\system32\ieui.dll
    2009-12-09 17:19:13 ----A---- C:\Windows\system32\ieencode.dll
    2009-12-09 17:19:12 ----A---- C:\Windows\system32\ieapfltr.dll
    2009-12-09 17:19:07 ----A---- C:\Windows\system32\winhttp.dll
    2009-12-09 17:18:06 ----A---- C:\Windows\system32\rastls.dll
    2009-12-05 14:02:17 ----D---- C:\Users\Benni\AppData\Roaming\dvdcss
    2009-12-05 11:58:18 ----D---- C:\ProgramData\SlySoft
    2009-11-25 21:45:41 ----A---- C:\Windows\system32\tzres.dll
    2009-11-25 20:13:54 ----A---- C:\Windows\system32\msxml6.dll
    2009-11-25 20:13:53 ----A---- C:\Windows\system32\msxml3.dll
     
  5. #4 Cpt. Puff, 21.01.2010
    Cpt. Puff

    Cpt. Puff Neuer Benutzer

    Dabei seit:
    20.01.2010
    Beiträge:
    7
    Zustimmungen:
    0
    Der 2.Teil des Logfiles:

    ======List of files/folders modified in the last 2 months======

    2010-01-21 17:23:43 ----D---- C:\Windows\Temp
    2010-01-21 17:19:31 ----SHD---- C:\System Volume Information
    2010-01-21 17:16:17 ----D---- C:\Windows\system32\Tasks
    2010-01-21 17:14:52 ----D---- C:\Windows\system32\catroot2
    2010-01-21 17:14:21 ----D---- C:\Windows\System32
    2010-01-20 22:25:20 ----D---- C:\Windows\Tasks
    2010-01-20 22:20:44 ----D---- C:\Windows\system32\drivers
    2010-01-20 22:20:42 ----D---- C:\Bennis
    2010-01-20 20:01:11 ----AD---- C:\Windows
    2010-01-20 16:50:53 ----SHD---- C:\Windows\Installer
    2010-01-20 16:49:24 ----HD---- C:\ProgramData
    2010-01-20 16:48:07 ----D---- C:\Windows\system32\catroot
    2010-01-20 16:48:06 ----D---- C:\Windows\inf
    2010-01-20 16:47:40 ----RD---- C:\Program Files
    2010-01-20 16:42:45 ----SD---- C:\Users\Benni\AppData\Roaming\Microsoft
    2010-01-20 16:39:32 ----D---- C:\Program Files\Mozilla Firefox
    2010-01-16 18:01:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2010-01-15 19:25:45 ----D---- C:\Windows\winsxs
    2010-01-15 17:58:54 ----D---- C:\Program Files\Windows Mail
    2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
    2010-01-09 19:59:16 ----D---- C:\Users\Benni\AppData\Roaming\phonostar-Player
    2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
    2009-12-18 13:37:27 ----D---- C:\Windows\Prefetch
    2009-12-12 11:36:36 ----D---- C:\Windows\rescache
    2009-12-11 15:56:15 ----D---- C:\Windows\system32\de-DE
    2009-12-06 18:25:19 ----RSD---- C:\Windows\assembly
    2009-12-06 18:20:21 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-11-25 20:25:36 ----D---- C:\Update

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\Windows\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
    R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2010-01-20 23832]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
    R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-01-20 335240]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-01-20 27784]
    R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-01-20 108552]
    R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2007-09-19 10216]
    R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-13 28520]
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-09 56816]
    R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-09-27 12672]
    R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
    R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-09-27 8192]
    R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2007-10-29 17920]
    R3 AVGIDSDriver;AVGIDSDriver; \??\C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSDriver.sys [2009-07-22 121352]
    R3 AVGIDSFilter;AVGIDSFilter; \??\C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSFilter.sys [2009-07-22 30216]
    R3 AVGIDSShim;AVGIDSShim; \??\C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSShim.sys [2009-07-22 29136]
    R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
    R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
    R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-06-02 25280]
    R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-09-27 985600]
    R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-09-27 207360]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-08-25 1841312]
    R3 NETw4v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-19 2222080]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-05-26 8235648]
    R3 R5U870FLx86;R5U870 UVC Lower Filter ; C:\Windows\System32\Drivers\R5U870FLx86.sys [2007-11-08 73472]
    R3 R5U870FUx86;R5U870 UVC Upper Filter ; C:\Windows\System32\Drivers\R5U870FUx86.sys [2007-11-08 43904]
    R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-29 9344]
    R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-10-27 330240]
    R3 StillCam;Treiber für serielle Digitalkamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-19 9216]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-10 181560]
    R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
    R3 usbvideo;R5U870 (UVC) ; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
    R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-09-27 659968]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
    R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-09-27 246784]
    S3 a1jlfxbm;a1jlfxbm; C:\Windows\system32\drivers\a1jlfxbm.sys []
    S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\DRIVERS\BthEnum.sys [2007-11-21 19456]
    S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
    S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2007-11-21 220160]
    S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2007-11-21 29184]
    S3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2007-10-10 81448]
    S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-10-10 99880]
    S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2007-10-10 28464]
    S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-10-10 17448]
    S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
    S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
    S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
    S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
    S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG-Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
    S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
    S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
    S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-05-26 128104]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-13 108289]
    R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-06 185089]
    R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2010-01-20 908056]
    R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2010-01-20 297752]
    R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2010-01-20 1370488]
    R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe [2009-07-22 5641736]
    R2 AVGIDSWatcher;AVGIDSWatcher; C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe [2009-07-22 571912]
    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-02-12 355096]
    R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-12-22 1181328]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-05-03 66872]
    R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\stacsv.exe [2007-10-27 102400]
    R2 uCamMonitor;CamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [2007-10-31 125440]
    R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2007-08-14 182392]
    R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2007-08-28 192512]
    R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2007-08-28 131072]
    R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-09-27 386560]
    R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2007-06-28 274432]
    S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-12 137200]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
    S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
    S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2007-06-28 73728]
    S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2007-06-20 2523136]
    S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
    S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
    S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2007-06-20 499712]
    S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
    S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
    S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
    S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-09-28 292128]
    S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-17 87328]
    S4 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-11-21 1838592]

    -----------------EOF-----------------
     
  6. #5 Cpt. Puff, 21.01.2010
    Cpt. Puff

    Cpt. Puff Neuer Benutzer

    Dabei seit:
    20.01.2010
    Beiträge:
    7
    Zustimmungen:
    0
    Der 1. Teil des Info.txt-Textes:

    info.txt logfile of random's system information tool 1.06 2010-01-21 17:23:46

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->MsiExec /X{5DB65884-C963-4454-AABA-4CA3089281FA}
    -->MsiExec.exe /I{0394CDC8-FABD-4ED8-B104-03393876DFDF}
    -->MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87}
    -->MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
    -->MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}
    -->MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82}
    -->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Ad-Aware-->"C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE
    Ad-Aware-->C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.4 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81300000003}
    AppMon Utility-->"C:\Program Files\InstallShield Installation Information\{09A84598-E18A-4E7B-A49A-E19BB8D5C648}\setup.exe" -runfromtemp -l0x0007 -removeonly
    ArcSoft Magic-i Visual Effects-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56345504-DE57-4528-A18B-A567D1E52928}\Setup.exe" -l0x7
    AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    AVG Anti-Rootkit Free-->C:\bennis\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
    AVG Identity Protection-->MsiExec.exe /X{F314EA69-9590-4876-8E2B-44CBEE7FFAA1}
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    Battle.net-->C:\Windows\bnetunin.exe
    Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC37A846-53AC-4DA7-98FA-76A4E74AA900}\setup.exe" -l0x7 -removeonly
    Browser Address Error Redirector-->regsvr32 /u /s "C:\PROGRA~1\GOOGLE~1\BAE.dll"
    Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
    Click to Disc Editor-->C:\Program Files\InstallShield Installation Information\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}\setup.exe -runfromtemp -l0x0407
    Click to Disc-->C:\Program Files\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x0007 -removeonly
    DSD Direct-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}\setup.exe" -l0x7 -removeonly
    DSD Playback Plug-in-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{009E7FB7-1775-4D89-8956-F5C9A1C019FC}\setup.exe" -l0x7 -removeonly
    Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0007 -removeonly
    Festo FluidSIM-->MsiExec.exe /I{98F8A617-1C3C-447C-ADD5-4FAFC84EDA72}
    GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
    Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
    Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
    HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200\UIU32m.exe -U -ISnSZIRXz.inf
    HijackThis 2.0.2-->"C:\bennis\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
    IDT Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07D8511D-C9FE-4A93-933F-EAA5C8F20095}\setup.exe" -l0x7 -remove -removeonly
    Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
    Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    LOGOSoft Comfort V4.0-->"C:\bennis\Siemens\LOGOComfort_V4\UninstallerData\Deinstallieren.exe"
    Media Converter SA Edition 0.8-->C:\Bennis\Media Converter SA Edition\uninst.exe
    Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
    Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
    Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
    Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
    Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Works-->MsiExec.exe /I{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}
    Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    NVIDIA PhysX-->MsiExec.exe /X{5DB65884-C963-4454-AABA-4CA3089281FA}
    OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
    OpenMG Limited Patch 4.7-07-15-19-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-15-19-01\HotFixSetup\setup.exe /u
    OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL
    Panda USB Vaccine 1.0.1.4-->"C:\bennis\Panda USB Vaccine\unins000.exe"
    phonostar-Player Version 2.01.2-->"C:\bennis\phonostar\unins000.exe"
    PhotoFiltre-->"C:\bennis\PhotoFiltre\Uninst.exe"
    Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
    PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Revo Uninstaller 1.83-->C:\bennis\VS Revo Group\Revo Uninstaller\uninst.exe
    Roxio Activation Module-->MsiExec.exe /I{07159635-9DFE-4105-BFC0-2817DB540C68}
    Roxio Easy Media Creator Home-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
    RTP for RM2K (Png, Wav, Midi, Fonts)-->C:\Windows\UnGins.exe "C:\bennis\ASCII\RPG2000\RTP\install.log"
    Setting Utility Series-->"C:\Program Files\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -runfromtemp -l0x0007 -removeonly
    SevenSeconds Screen Saver-->C:\Windows\system32\SevenSeconds.scr /u
    SonicStage Mastering Studio Audio Filter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}\setup.exe" -l0x7 -removeonly
    SonicStage Mastering Studio Plugins-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}\setup.exe" -l0x7 -removeonly
    SonicStage Mastering Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6332AFF1-9D9A-429C-AA03-F82749FA4F49}\setup.exe" -l0x7 -removeonly
    Sony Video Shared Library-->C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe -runfromtemp -l0x0007 -removeonly
    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
    sPlan 6.0-->"C:\bennis\sPlan60\unins000.exe"
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    TV-Browser 2.7.3-->C:\bennis\TV-Browser\Uninstall.exe
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Office 2007 (KB934528)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}
    Update for Office System 2007 Setup (KB929722)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D8E9BEBD-655F-467D-8176-CA9959C140A3}
    VAIO Camera Capture Utility-->"C:\Program Files\InstallShield Installation Information\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}\setup.exe" -runfromtemp -l0x0007 -removeonly
    VAIO Content Folder Setting-->"C:\Program Files\InstallShield Installation Information\{23825B69-36DF-4DAD-9CFD-118D11D80F16}\setup.exe" -runfromtemp -l0x0007 -removeonly
    VAIO Content Metadata Intelligent Analyzing Manager-->C:\Program Files\InstallShield Installation Information\{ABF29EC7-47C1-4C63-8FE7-3824FD66F357}\setup.exe -runfromtemp -l0x0007 -removeonly
    VAIO Content Metadata Manager Setting-->C:\Program Files\InstallShield Installation Information\{69351E9E-23ED-41D5-B146-EDBF83C63B66}\setup.exe -runfromtemp -l0x0007 -removeonly
    VAIO Content Metadata XML Interface Library-->C:\Program Files\InstallShield Installation Information\{AEBB1D78-EB8C-4F8B-B57E-459958979C3B}\setup.exe -runfromtemp -l0x0007 -removeonly
    VAIO Control Center-->"C:\Program Files\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -runfromtemp -l0x0007 -removeonly
    VAIO Data Restore Tool-->C:\Program Files\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe -runfromtemp -l0x0007 -removeonly
    VAIO DVD Menu Data Basic-->C:\Program Files\InstallShield Installation Information\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}\setup.exe -runfromtemp -l0x0007 -removeonly
    VAIO Entertainment Platform-->C:\Program Files\InstallShield Installation Information\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}\setup.exe -runfromtemp -l0x0007 -removeonly
    VAIO Event Service-->"C:\Program Files\InstallShield Installation Information\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}\setup.exe" -runfromtemp -l0x0007 -removeonly
    VAIO Launcher-->"C:\Program Files\InstallShield Installation Information\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}\setup.exe" -runfromtemp -l0x0007 -removeonly
    Vaio Marketing Tools-->C:\Program Files\Sony\Marketing Tools\Uninstaller.exe /bootstrap
    VAIO Media 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}\setup.exe" -l0x7 UNINSTALL -removeonly
    VAIO Media AC3 Decoder 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}\Setup.exe" -l0x7 UNINSTALL
    VAIO Media Content Collection 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{500162A0-4DD5-460A-BAFD-895AAE48C532}\setup.exe" -l0x7 UNINSTALL -removeonly
    VAIO Media Integrated Server 6.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{785EB1D4-ECEC-4195-99B4-73C47E187721}\setup.exe" -l0x7 UNINSTALL -removeonly
    VAIO Media Redistribution 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}\setup.exe" -l0x7 UNINSTALL -removeonly
    VAIO Media Registration Tool 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}\setup.exe" -l0x7 UNINSTALL -removeonly
    VAIO Movie Story Template Data-->C:\Program Files\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe -runfromtemp -l0x0007 -removeonly
    VAIO Movie Story-->C:\Program Files\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe -runfromtemp -l0x0007 -removeonly
    VAIO MusicBox Sample Music-->"C:\Program Files\InstallShield Installation Information\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}\setup.exe" -runfromtemp -l0x0007 -removeonly
    VAIO MusicBox-->"C:\Program Files\InstallShield Installation Information\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}\setup.exe" -runfromtemp -l0x0007 -removeonly
    VAIO Original Function Setting-->"C:\Program Files\InstallShield Installation Information\{A63E7492-A0BC-4BB9-89A7-352965222380}\setup.exe" -runfromtemp -l0x0007 -removeonly
    VAIO Power Management-->"C:\Program Files\InstallShield Installation Information\{802889F8-6AF5-45A5-9764-CA5B999E50FC}\setup.exe" -runfromtemp -l0x0007 -removeonly
    VAIO Update 4-->"C:\Program Files\InstallShield Installation Information\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}\setup.exe" -runfromtemp -l0x0007 -removeonly
    VAIO Wallpaper Contents-->"C:\Program Files\InstallShield Installation Information\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}\setup.exe" -runfromtemp -l0x0007 -removeonly
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VideoLAN VLC media player 0.7.2-->C:\bennis\VideoLAN\VLC\uninstall.exe
    WIDCOMM Bluetooth Software 6.1.0.2000-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    WinDVD for VAIO-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x0407
    WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Wireless Switch Setting Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\setup.exe" -l0x7 -removeonly

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 008k.com
    127.0.0.1 008k.com
    127.0.0.1 00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: AntiVir Desktop
    AS: AntiVir Desktop
    AS: Windows-Defender

    ======System event log======

    Computer Name: Flachmann
    Event Code: 104
    Message: Der Dienst veröffentlicht in das Netzwerk.
    Record Number: 204962
    Source Name: Microsoft-Windows-ResourcePublication
    Time Written: 20090925223441.628200-000
    Event Type: Informationen
    User: NT-AUTORITÄT\LOKALER DIENST

    Computer Name: Flachmann
    Event Code: 1103
    Message: Dem Computer wurde erfolgreich eine Netzwerkadresse zugeteilt. Eine Verbindung mit anderen Computern kann nun hergestellt werden.
    Record Number: 204961
    Source Name: Microsoft-Windows-Dhcp-Client
    Time Written: 20090925223434.000000-000
    Event Type: Informationen
    User:

    Computer Name: Flachmann
    Event Code: 4201
    Message: Netzwerkadapter "Drahtlosnetzwerkverbindung" wurde mit dem Netzwerk verbunden, und das System im normalen Zustand gestartet.
    Record Number: 204960
    Source Name: Tcpip
    Time Written: 20090925223430.700200-000
    Event Type: Informationen
    User:

    Computer Name: Flachmann
    Event Code: 4201
    Message: Netzwerkadapter "Drahtlosnetzwerkverbindung" wurde mit dem Netzwerk verbunden, und das System im normalen Zustand gestartet.
    Record Number: 204959
    Source Name: Tcpip
    Time Written: 20090925223430.700200-000
    Event Type: Informationen
    User:

    Computer Name: Flachmann
    Event Code: 15016
    Message: Das Sicherheitspaket Kerberos für die serverseitige Authentifizierung konnte nicht initialisiert werden. Das Datenfeld enthält die Fehlernummer.
    Record Number: 204958
    Source Name: Microsoft-Windows-HttpEvent
    Time Written: 20090925223429.982595-000
    Event Type: Fehler
    User:

    =====Application event log=====

    Computer Name: LH-JAU77JEK513E
    Event Code: 36
    Message:
    Record Number: 1160
    Source Name: ccSvcHst
    Time Written: 20080328015135.000000-000
    Event Type: Informationen
    User: NT-AUTORITÄT\SYSTEM

    Computer Name: LH-JAU77JEK513E
    Event Code: 1532
    Message: Das Benutzerprofil wurde angehalten


    Record Number: 1159
    Source Name: Microsoft-Windows-User Profiles Service
    Time Written: 20080328015134.000000-000
    Event Type: Informationen
    User: NT-AUTORITÄT\SYSTEM

    Computer Name: LH-JAU77JEK513E
    Event Code: 36
    Message:
    Record Number: 1158
    Source Name: ccSvcHst
    Time Written: 20080328015134.000000-000
    Event Type: Informationen
    User: NT-AUTORITÄT\SYSTEM

    Computer Name: LH-JAU77JEK513E
    Event Code: 901
    Message: Der Softwarelizenzierungsdienst wird beendet.

    Record Number: 1157
    Source Name: Microsoft-Windows-Security-Licensing-SLC
    Time Written: 20080328015134.000000-000
    Event Type: Informationen
    User:

    Computer Name: LH-JAU77JEK513E
    Event Code: 1013
    Message: Der Windows-Suchdienst wurde normal beendet.

    Record Number: 1156
    Source Name: Microsoft-Windows-Search
    Time Written: 20080328015129.000000-000
    Event Type: Informationen
    User:
     
  7. #6 Cpt. Puff, 21.01.2010
    Cpt. Puff

    Cpt. Puff Neuer Benutzer

    Dabei seit:
    20.01.2010
    Beiträge:
    7
    Zustimmungen:
    0
    Und der 2 Teil des Info-textes:

    =====Security event log=====

    Computer Name: Flachmann
    Event Code: 4648
    Message: Anmeldeversuch mit expliziten Anmeldeinformationen.

    Antragsteller:
    Sicherheits-ID: S-1-5-18
    Kontoname: FLACHMANN$
    Kontodomäne: WORKGROUP
    Anmelde-ID: 0x3e7
    Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

    Konto, dessen Anmeldeinformationen verwendet wurden:
    Kontoname: SYSTEM
    Kontodomäne: NT-AUTORITÄT
    Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

    Zielserver:
    Zielservername: localhost
    Weitere Informationen: localhost

    Prozessinformationen:
    Prozess-ID: 0x2a0
    Prozessname: C:\Windows\System32\services.exe

    Netzwerkinformationen:
    Netzwerkadresse: -
    Port: -

    Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden. Dies ist normalerweise der

    Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird.
    Record Number: 25625
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090308121330.169774-000
    Event Type: Überwachung erfolgreich
    User:

    Computer Name: Flachmann
    Event Code: 4672
    Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.

    Antragsteller:
    Sicherheits-ID: S-1-5-18
    Kontoname: SYSTEM
    Kontodomäne: NT-AUTORITÄT
    Anmelde-ID: 0x3e7

    Berechtigungen: SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 25624
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090308121330.060574-000
    Event Type: Überwachung erfolgreich
    User:

    Computer Name: Flachmann
    Event Code: 4624
    Message: Ein Konto wurde erfolgreich angemeldet.

    Antragsteller:
    Sicherheits-ID: S-1-5-18
    Kontoname: FLACHMANN$
    Kontodomäne: WORKGROUP
    Anmelde-ID: 0x3e7

    Anmeldetyp: 5

    Neue Anmeldung:
    Sicherheits-ID: S-1-5-18
    Kontoname: SYSTEM
    Kontodomäne: NT-AUTORITÄT
    Anmelde-ID: 0x3e7
    Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

    Prozessinformationen:
    Prozess-ID: 0x2a0
    Prozessname: C:\Windows\System32\services.exe

    Netzwerkinformationen:
    Arbeitsstationsname:
    Quellnetzwerkadresse: -
    Quellport: -

    Detaillierte Authentifizierungsinformationen:
    Anmeldeprozess: Advapi
    Authentifizierungspaket: Negotiate
    Übertragene Dienste: -
    Paketname (nur NTLM): -
    Schlüssellänge: 0

    Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.

    Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler

    Prozess wie "Winlogon.exe" oder "Services.exe".

    Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).

    Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.

    Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.

    Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
    - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
    - Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
    - Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
    - Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
    Record Number: 25623
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090308121330.060574-000
    Event Type: Überwachung erfolgreich
    User:

    Computer Name: Flachmann
    Event Code: 4648
    Message: Anmeldeversuch mit expliziten Anmeldeinformationen.

    Antragsteller:
    Sicherheits-ID: S-1-5-18
    Kontoname: FLACHMANN$
    Kontodomäne: WORKGROUP
    Anmelde-ID: 0x3e7
    Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

    Konto, dessen Anmeldeinformationen verwendet wurden:
    Kontoname: SYSTEM
    Kontodomäne: NT-AUTORITÄT
    Anmelde-GUID: {00000000-0000-0000-0000-000000000000}

    Zielserver:
    Zielservername: localhost
    Weitere Informationen: localhost

    Prozessinformationen:
    Prozess-ID: 0x2a0
    Prozessname: C:\Windows\System32\services.exe

    Netzwerkinformationen:
    Netzwerkadresse: -
    Port: -

    Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden. Dies ist normalerweise der

    Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird.
    Record Number: 25622
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090308121330.060574-000
    Event Type: Überwachung erfolgreich
    User:

    Computer Name: Flachmann
    Event Code: 5038
    Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt.

    Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

    Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\regi.sys
    Record Number: 25621
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090308121327.455374-000
    Event Type: Überwachung gescheitert
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio

    Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Common Files\DivX Shared\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    "PROCESSOR_REVISION"=0f0d
    "NUMBER_OF_PROCESSORS"=2
    "configsetroot"=%SystemRoot%\ConfigSetRoot
    "RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

    -----------------EOF-----------------
     
  8. #7 Cpt. Puff, 21.01.2010
    Cpt. Puff

    Cpt. Puff Neuer Benutzer

    Dabei seit:
    20.01.2010
    Beiträge:
    7
    Zustimmungen:
    0
    Das ist voll nett von dir das du dich meinem Problem annimst:)

    danke nochmal:)
     
  9. AdMan

    Es ist generell erstmal empfehlenswert alle ggf. veralteten oder fehlerhaften Treiber zu scannen und auf neue zu aktualisieren. Hier kannst du einen Treiber-Scanner downloaden. Das erspart oftmals viel Ärger und hilft gegen diverse Probleme.
    Registrieren bzw. einloggen, um diese und auch andere Anzeigen zu deaktivieren.
  10. #8 Leonixx, 21.01.2010
    Leonixx

    Leonixx
    Moderator

    Dabei seit:
    17.10.2007
    Beiträge:
    18.903
    Zustimmungen:
    0
    Ort:
    NIX DO
    Hi,

    kein Problem. Im Logfile ist nichts schädliches zu erkennen. Ich vermute eher einen Fehlalarm von AVG. Keine Anzeichen einer Infizierung zu erkennen.

    Kannst ruhig weiterschlafen. ;)

    Gruss
     
  11. #9 Cpt. Puff, 21.01.2010
    Cpt. Puff

    Cpt. Puff Neuer Benutzer

    Dabei seit:
    20.01.2010
    Beiträge:
    7
    Zustimmungen:
    0
    Puh da bin beruigt^^ danke für deine Hilfe^^
     
Thema:

Rootkit vs. AVG/Antivir

Die Seite wird geladen...

Rootkit vs. AVG/Antivir - Ähnliche Themen

  1. Avira AntiVir Tray Symbol

    Avira AntiVir Tray Symbol: Hey Leute, Nachdem kein Avira Schirmchen mehr in der Taskleiste angezeigt wurde, habe ich es neu installiert. Selbes Resultat wie zuvor, kein...
  2. Grafikkarte GTX 1070 vs GTX 1080

    Grafikkarte GTX 1070 vs GTX 1080: Hallo Liebes Forum Ich möchte mir eine neu Grafikkarte gönnen da mein beiden GTX 770 Zwar noch genug power haben für die Spiele die Ich momentan...
  3. Geforce GTX 970 vs. Sapphire Radeon R9 390 Nitro

    Geforce GTX 970 vs. Sapphire Radeon R9 390 Nitro: Liebe Alle, ich stehe vor der Frage, die der Titel schon indiziert: Welche der beiden Grafikkarten solls werden? Für Full HD sollte die 970er...
  4. Scannerproblem scansnap vs. Brother mfc

    Scannerproblem scansnap vs. Brother mfc: Irgendwie fehlt hier noch ein Unterpunkt für Pheripherieprobleme ^^ Folgendes Problem : Rechner (AMD Athlon x2 , 4Gb ,nix besondere) mit Win 7...
  5. S6 vs. Iphone 6?

    S6 vs. Iphone 6?: Hallo Leute. :-) Ihr seht ja eigentlich schon in der Überschrift worum es geht. Ich bin nämlich auf der Suche nach einem neuen Handy und schwanke...