Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Viren problem

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 08.01.2010, 19:09   #1
MasterSMG
 
Viren problem - Standard

Viren problem



moin,
ich habe ein riesen problem ich habe vor kurzem die fehler meldung bekommen das ich einen virus habe und habe den einfach in Karantäne verschoben/gelöscht und ich dachte es wäre gut.

doch dann kam das riesen problem ich habe das nächste mal meinen rechner hochgefahren und mein antivieren programm fährt nciht mehr hoch ich habe versucht mit Add-Aware und Spybot da gewallt ran zu bekommen nachdem ich das neuinstallieren versucht habe. Add-aware ging durch hat 6 gefunden die er jetzt nciht mehr findet und spybot lässt sich nciht starten drauf klicken sanduhr kommt und NIX passiert weiter. ich hab versucht durch HJT das problem zu finden , lässt sich nciht installieren denn hab ich versucht Kaspersky zu installieren erstmal die internet seite wird mir gesperrt bzs. angezeigt das diese seite nciht existiert. habe das hintenrum mir besorgt versucht zu installieren geht nicht "windows fehler" musste abgebrochen werden habe versucht einen ordner mit nur text dateien zu sichern hab den an meinen anderen rechner angeschlossen gleich viren warnung "sofort entfernt" nix passiert.

was braucht ihr noch als infos? HILFE!!! habe Avira AntiVir

MFG MasterSMG

Alt 08.01.2010, 19:47   #2
undoreal
/// AVZ-Toolkit Guru
 
Viren problem - Standard

Viren problem



Halli hallo.

Wir brauchen:
  • Einen ordentlichen Satzbau.
  • Alle logfiles/Berichte die anfallen und alle wortwörtlichen Meldungen der AntiViren Programme.

Was brauchst du:
  • Ruhe und keine Panik.




Poste bittte zwei AVZ logs. Lies dir die Anleitung in aller Ruhe gründlich durch und arbeite sie Schritt für Schritt ab.

Ach ja, installiere keine anderen Anti irgendwas Programme mehr! Wir sagen dir was installiert wird und was nicht.
__________________

__________________

Alt 08.01.2010, 19:48   #3
MasterSMG
 
Viren problem - Standard

Viren problem



Ich kann im grunde garnix mehr. Bei "Systemwiederherstellung" kann ich keinen anderen monat wählen. Meine Antivirenprogramme haben komplett den geist aufgegeben, sprich nicht aktiv und lassen sich nicht installieren.

ich kann kein MAM oder HJT starten bzw. installieren. Ich kann auch nicht auf die seite von AVZ und somit das machen.

Außerdem wird mir auch w*w.kaspersky.de nicht angezeigt. fehlermeldung( seite existiert nicht)

ICH weiß nicht was los ist. Helft mir!
__________________

Geändert von MasterSMG (08.01.2010 um 19:54 Uhr)

Alt 08.01.2010, 20:12   #4
MasterSMG
 
Viren problem - Standard

Viren problem



habe mir mal versucht durch andere threads zu helfen, da habe ich was gefunden was geht^^

weitere schritte wie ComboFix alleine durzuführen sind ja nciht ratsam also warte ich mal drauf das mir ein fachkundiger bitte hilft

OTL logfile created on: 08.01.2010 20:09:30 - Run 1
OTL by OldTimer - Version 3.1.21.2 Folder = C:\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298,09 Gb Total Space | 154,45 Gb Free Space | 51,81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ASUS
Current User Name: Winkler
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Downloads\mbam-setup.exe (Malwarebytes Corporation )
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\WINDOWS\system32\PnkBstrA.exe ()
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - C:\Programme\TuneUp Utilities 2008\MemOptimizer.exe (TuneUp Software GmbH)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\RivaTuner v2.06\RivaTuner.exe ()
PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDClock.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\LCDMon.exe (Logitech Inc.)
PRC - C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\system32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\X10\Common\X10NETS.EXE (X10)


========== Modules (SafeList) ==========

MOD - C:\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - C:\Programme\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - C:\Programme\Logitech\SetPoint\GameHook.dll (Logitech, Inc.)


========== Win32 Services (SafeList) ==========

SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (PnkBstrA) -- C:\WINDOWS\system32\PnkBstrA.exe ()
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
SRV - (ATI Smart) -- C:\WINDOWS\system32\ati2sgag.exe ()
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10NETS.EXE (X10)


========== Driver Services (SafeList) ==========

DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\ACEDRV11.sys (Protect Software GmbH)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM) -- C:\WINDOWS\system32\drivers\s3017unic.sys (MCCI Corporation)
DRV - (s3017obex) -- C:\WINDOWS\system32\drivers\s3017obex.sys (MCCI Corporation)
DRV - (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s3017mgmt.sys (MCCI Corporation)
DRV - (s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS) -- C:\WINDOWS\system32\drivers\s3017nd5.sys (MCCI Corporation)
DRV - (s3017mdm) -- C:\WINDOWS\system32\drivers\s3017mdm.sys (MCCI Corporation)
DRV - (s3017mdfl) -- C:\WINDOWS\system32\drivers\s3017mdfl.sys (MCCI Corporation)
DRV - (s3017bus) Sony Ericsson Device 3017 driver (WDM) -- C:\WINDOWS\system32\drivers\s3017bus.sys (MCCI Corporation)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (RivaTuner32) -- C:\Programme\RivaTuner v2.06\RivaTuner32.sys ()
DRV - (s117obex) -- C:\WINDOWS\system32\drivers\s117obex.sys (MCCI Corporation)
DRV - (s117mdm) -- C:\WINDOWS\system32\drivers\s117mdm.sys (MCCI Corporation)
DRV - (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s117mgmt.sys (MCCI Corporation)
DRV - (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM) -- C:\WINDOWS\system32\drivers\s117unic.sys (MCCI Corporation)
DRV - (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS) -- C:\WINDOWS\system32\drivers\s117nd5.sys (MCCI Corporation)
DRV - (s117mdfl) -- C:\WINDOWS\system32\drivers\s117mdfl.sys (MCCI Corporation)
DRV - (s117bus) Sony Ericsson Device 117 driver (WDM) -- C:\WINDOWS\system32\drivers\s117bus.sys (MCCI Corporation)
DRV - (P17) -- C:\WINDOWS\system32\drivers\P17.sys (Creative Technology Ltd.)
DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (TarFltr) -- C:\WINDOWS\system32\drivers\UsbFltr.sys (Waytech Development, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (SE26bus) Sony Ericsson Device 038 Driver driver (WDM) -- C:\WINDOWS\system32\drivers\SE26bus.sys (MCCI)
DRV - (SE26obex) -- C:\WINDOWS\system32\drivers\SE26obex.sys (MCCI)
DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (p17filt) -- C:\WINDOWS\system32\drivers\p17filt.sys (Sensaura)
DRV - (sfsync03) StarForce Protection Synchronization Driver (version 3.x) -- C:\WINDOWS\System32\drivers\sfsync03.sys (Protection Technology)
DRV - (X10Hid) -- C:\WINDOWS\system32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (ROOTMODEM) -- C:\WINDOWS\system32\drivers\rootmdm.sys (Microsoft Corporation)
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (prosync1) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {b66bc4c3-6d25-4a10-8c59-01daa9063051}:1.5.1
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Components: C:\Programme\Mozilla Firefox\components [2009.12.21 02:01:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2009.12.18 18:25:25 | 00,000,000 | ---D | M]

[2008.12.05 13:57:06 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Extensions
[2009.12.31 03:26:25 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\extensions
[2009.02.01 19:30:13 | 00,000,000 | ---D | M] (FoxGame) -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\extensions\{b66bc4c3-6d25-4a10-8c59-01daa9063051}
[2010.01.05 15:50:40 | 00,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-1.xml
[2008.04.03 20:50:02 | 00,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-2.xml
[2008.04.19 15:22:44 | 00,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-3.xml
[2008.07.02 21:58:27 | 00,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-4.xml
[2008.07.17 11:07:02 | 00,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-5.xml
[2008.09.26 08:15:40 | 00,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-6.xml
[2008.11.13 15:04:01 | 00,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-7.xml
[2009.03.11 07:25:49 | 00,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin-8.xml
[2008.03.31 21:56:08 | 00,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\Mozilla\Firefox\Profiles\dpbrge8c.default\searchplugins\icqplugin.xml
[2009.12.31 03:26:25 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2006.07.31 15:07:16 | 00,098,304 | ---- | M] (Zylom) -- C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2008.12.05 13:56:57 | 00,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008.12.05 13:56:57 | 00,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008.12.05 13:56:57 | 00,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2008.12.05 13:56:57 | 00,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2008.12.05 13:56:57 | 00,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: (290879 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10016 more lines...
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Launch LCDMon] C:\Programme\Logitech\G-series Software\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Programme\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RivaTuner] C:\Programme\RivaTuner v2.06\RivaTuner.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [TuneUp MemOptimizer] C:\Programme\TuneUp Utilities 2008\MemOptimizer.exe (TuneUp Software GmbH)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Games\PartyPoker\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Games\PartyPoker\PartyPoker\RunApp.exe File not found
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212652453843 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/su2/CTL_V02002/ocx/15031/CTPID.cab (Creative Software AutoUpdate Support Package)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll - c:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.09 21:32:54 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{58c4e030-d330-11db-947c-0017316ea66d}\Shell - "" = AutoRun
O33 - MountPoints2\{58c4e030-d330-11db-947c-0017316ea66d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c4ec04e5-fb4f-11dc-9bc8-0017316ea66d}\Shell - "" = AutoRun
O33 - MountPoints2\{c4ec04e5-fb4f-11dc-9bc8-0017316ea66d}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.01.08 19:50:25 | 00,000,000 | ---D | C] -- C:\AVZ
[2010.01.08 18:51:44 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files
[2010.01.08 16:41:18 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.01.08 16:41:18 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010.01.08 16:41:17 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010.01.08 16:41:16 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010.01.08 16:41:16 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2009.12.31 15:00:09 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2009.12.31 14:59:07 | 00,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2009.12.31 14:58:51 | 00,000,000 | ---D | C] -- C:\Programme\Lavasoft
[2009.12.22 13:27:48 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Winkler\Desktop\Geschenk Oma Opa
[2009.09.25 20:56:54 | 00,417,792 | ---- | C] (Blizzard Entertainment) -- C:\Programme\BNUpdate.exe
[2008.09.26 16:46:01 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Apple
[2008.07.28 12:35:02 | 00,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Microsoft
[2008.07.28 12:29:14 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Adobe
[2008.07.28 12:28:49 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2008.03.07 05:05:47 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Xfire
[2007.01.12 19:02:11 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2006.10.09 22:33:19 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\X10 Commander
[2006.10.09 21:35:02 | 00,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Microsoft
[2006.10.09 21:35:02 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2002.04.11 08:41:06 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[33 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.01.08 20:00:00 | 00,000,496 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2010.01.08 19:37:03 | 00,000,600 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.01.08 19:37:03 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.01.08 19:37:03 | 00,000,222 | RHS- | M] () -- C:\boot.ini
[2010.01.08 19:21:35 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.01.08 19:19:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.01.08 19:19:22 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.01.08 19:18:12 | 16,252,928 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\NTUSER.DAT
[2010.01.08 19:18:12 | 00,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Winkler\ntuser.ini
[2010.01.08 16:41:29 | 00,001,682 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010.01.08 16:27:06 | 16,515,072 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\NTUSER.DAT_BAK_14196
[2010.01.08 15:22:10 | 00,000,871 | ---- | M] () -- C:\WINDOWS\System32\krl32mainweq.dll
[2010.01.03 15:14:13 | 00,000,202 | ---- | M] () -- C:\WINDOWS\System32\srcr.dat
[2009.12.31 15:59:36 | 00,000,916 | ---- | M] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\Spybot - Search & Destroy.lnk
[2009.12.31 15:01:47 | 00,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009.12.31 15:01:47 | 00,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2009.12.31 15:01:47 | 00,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2009.12.31 15:01:47 | 00,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2009.12.31 15:01:47 | 00,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2009.12.31 14:59:06 | 00,000,858 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Ad-Aware.lnk
[2009.12.31 03:22:11 | 00,000,008 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sysReserve.ini
[2009.12.29 15:58:32 | 00,000,765 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\World of Warcraft.lnk
[2009.12.11 19:34:11 | 01,074,560 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009.12.11 19:34:11 | 00,460,608 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2009.12.11 19:34:11 | 00,442,602 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009.12.11 19:34:11 | 00,085,350 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2009.12.11 19:34:11 | 00,071,868 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009.12.11 19:33:03 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[33 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.01.08 16:41:29 | 00,001,682 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk
[2009.12.31 15:59:36 | 00,000,916 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Desktop\Spybot - Search & Destroy.lnk
[2009.12.31 15:51:37 | 00,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009.12.31 15:00:52 | 00,000,456 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009.12.31 15:00:52 | 00,000,456 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2009.12.31 15:00:52 | 00,000,456 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2009.12.31 15:00:52 | 00,000,456 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2009.12.31 15:00:52 | 00,000,456 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2009.12.31 14:59:06 | 00,000,858 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Ad-Aware.lnk
[2009.12.31 03:24:30 | 00,000,871 | ---- | C] () -- C:\WINDOWS\System32\krl32mainweq.dll
[2009.12.31 03:23:28 | 00,000,202 | ---- | C] () -- C:\WINDOWS\System32\srcr.dat
[2009.12.31 03:22:11 | 00,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sysReserve.ini
[2009.12.04 17:30:19 | 00,000,258 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009.10.25 18:48:45 | 00,028,177 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\OFMissionEditorConfig.xml
[2009.09.25 20:57:26 | 00,000,229 | ---- | C] () -- C:\Programme\bnupdate.log
[2009.09.25 20:56:54 | 00,145,455 | ---- | C] () -- C:\Programme\Patch.txt
[2009.08.16 16:47:57 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009.08.16 15:12:39 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.08.16 15:12:31 | 00,051,712 | ---- | C] () -- C:\WINDOWS\System32\coodest.dll
[2009.06.19 20:06:22 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.07.13 17:17:22 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2008.04.10 15:32:46 | 00,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.04.04 12:15:04 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008.04.04 12:11:34 | 00,000,027 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini
[2008.02.28 21:35:04 | 00,000,023 | ---- | C] () -- C:\WINDOWS\MixBKS.INI
[2008.02.27 18:31:24 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008.02.11 20:16:16 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2008.02.11 20:16:16 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2008.02.11 20:16:16 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007.12.23 23:53:00 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007.10.01 00:51:37 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007.10.01 00:51:37 | 00,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\PnkBstrK.sys
[2007.06.23 02:49:07 | 00,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.04.28 17:43:17 | 00,005,663 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2007.04.28 17:43:17 | 00,000,075 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2007.03.18 16:28:15 | 00,001,606 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Anwendungsdaten\wklnhst.dat
[2007.03.14 22:51:11 | 00,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2007.03.09 21:31:37 | 00,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2007.02.17 00:55:36 | 00,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007.02.17 00:55:36 | 00,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007.02.16 23:22:42 | 00,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.02.16 22:56:22 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007.01.19 19:54:44 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006.12.30 15:56:33 | 00,065,536 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.12.30 15:56:33 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.12.27 16:10:41 | 00,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Winkler\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006.10.09 23:01:44 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.10.09 22:27:33 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006.10.09 22:25:44 | 00,002,856 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2006.10.09 22:25:05 | 00,000,180 | ---- | C] () -- C:\WINDOWS\Option.ini
[2006.10.09 21:35:47 | 00,000,816 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006.10.09 21:29:40 | 00,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006.10.09 17:24:50 | 00,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2006.10.09 17:17:25 | 01,208,340 | RHS- | C] () -- C:\WINDOWS\System32\pcjnp.dll
[2005.08.05 13:26:04 | 00,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005.05.03 12:38:42 | 00,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2003.10.02 17:48:18 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
< End of report >

OTL Extras logfile created on: 08.01.2010 20:09:30 - Run 1
OTL by OldTimer - Version 3.1.21.2 Folder = C:\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298,09 Gb Total Space | 154,45 Gb Free Space | 51,81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ASUS
Current User Name: Winkler
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome File not found
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 File not found
htmlfile [print] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome File not found
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Programme\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"9396:TCP" = 9396:TCP:*:Enabled:umsyhsv

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Games\Quake 3\quake3.exe" = C:\Games\Quake 3\quake3.exe:*:Enabled:quake3 -- File not found
"C:\Games\q3\quake\quake3.exe" = C:\Games\q3\quake\quake3.exe:*:Enabled:quake3 -- File not found
"C:\Games\Valve\Steam\SteamApps\wargod88\counter-strike source\hl2.exe" = C:\Games\Valve\Steam\SteamApps\wargod88\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Programme\Xfire\Xfire.exe" = C:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire -- File not found
"C:\Programme\Counter-Strike Source\hl2.exe" = C:\Programme\Counter-Strike Source\hl2.exe:*:Enabled:hl2 -- File not found
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat" = C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars -- File not found
"C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.2\cnc3game.dat" = C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.2\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars -- File not found
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\Internet Explorer\IEXPLORE.EXE" = C:\Programme\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.8\cnc3game.dat" = C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.8\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars -- File not found
"C:\Games\Valve\Steam\Steam.exe" = C:\Games\Valve\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"F:\lan source\hl2.exe" = F:\lan source\hl2.exe:*:Enabled:hl2 -- File not found
"F:\Russen Css\hl2.exe" = F:\Russen Css\hl2.exe:*:Enabled:hl2 -- File not found
"F:\Dungeon Siege2\DungeonSiege2.exe" = F:\Dungeon Siege2\DungeonSiege2.exe:*:Enabled:Spiel-Programmdatei von Dungeon Siege II -- File not found
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Games\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Games\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Games\Alarmstufe Rot 3\Data\ra3_1.0.game" = C:\Games\Alarmstufe Rot 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3 -- File not found
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_05\launch4j-tmp\JDownloader.exe" = C:\Programme\Java\jre1.6.0_05\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Games\Valve\Steam\SteamApps\sebastiangundlack\counter-strike source\hl2.exe" = C:\Games\Valve\Steam\SteamApps\sebastiangundlack\counter-strike source\hl2.exe:*:Enabled:hl2 -- ()
"C:\Games\AirRivalsDe\Launcher.atm" = C:\Games\AirRivalsDe\Launcher.atm:Enabled:GameExe2 -- File not found
"C:\Games\AirRivalsDe\Res-Voip\SCVoIP.exe" = C:\Games\AirRivalsDe\Res-Voip\SCVoIP.exe:Enabled:GameVoIP -- File not found
"C:\Games\SWAT 4\Content\System\Swat4.exe" = C:\Games\SWAT 4\Content\System\Swat4.exe:*:Enabled:SWAT 4 -- (Sierra Entertainment, Inc.)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Games\World of Warcraft\Launcher.exe" = C:\Games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Games\HOI2\HoI2.exe" = C:\Games\HOI2\HoI2.exe:*:Enabled:Hearts of Iron 2 -- (Paradox Interactive)
"G:\Spiele\DeadSpace\Dead Space.exe" = G:\Spiele\DeadSpace\Dead Space.exe:*:Enabledead Space ™ -- File not found
"C:\Programme\Java\jre1.6.0_05\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_05\bin\java.exe" = C:\Programme\Java\jre1.6.0_05\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\EA Games\Command and Conquer Generäle\game.dat" = C:\Programme\EA Games\Command and Conquer Generäle\game.dat:*:Enabled:game -- File not found
"C:\Games\World of Warcraft\BackgroundDownloader.exe" = C:\Games\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Games\40k\Dawn of War - Dark Crusade\DarkCrusade.exe" = C:\Games\40k\Dawn of War - Dark Crusade\DarkCrusade.exe:*:EnabledarkCrusade -- (THQ Canada Inc.)
"C:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe" = C:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Games\Hearts of Iron III\hoi3game.exe" = C:\Games\Hearts of Iron III\hoi3game.exe:*:Enabled:hoi3game -- ()
"C:\Games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe" = C:\Games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Games\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe" = C:\Games\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Games\OF Dragon Rising\OFDR.exe" = C:\Games\OF Dragon Rising\OFDR.exe:*:Enabled:OF Dragon Rising -- (Codemasters Software Company Limited)
"C:\Programme\Ventrilo\Ventrilo.exe" = C:\Programme\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0819E89D-6214-4B6F-A18D-4633CB4E0E4A}" = Softwareupdate für Webordner
"{08FC7F83-69F9-4A87-9E79-32265E047375}" = Pinnacle PCTV MCE (OEM Europe)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4324BC93-C82F-ED16-BA86-5E34B9E05303}" = ccc-core-static
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4ED118EE-785C-CC18-5D2E-D5CA4BAA03F0}" = Catalyst Control Center Graphics Full New
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{539475B7-44B7-8B0A-134C-F01B9C8B7569}" = ccc-core-preinstall
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{5A080213-5AEC-4BF2-BB32-796EB0E421EC}" = Logitech G-series Keyboard Software
"{5AC7AE54-55DF-1126-076C-623F008D40B6}" = Catalyst Control Center Graphics Full Existing
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{626713B4-F070-4605-9DF6-31783A5AEAAE}" = ENFUNS Updater
"{6351D217-3EE3-1967-29BE-6A77635FE485}" = Skins
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{69464949-AD9C-4C98-933F-C32FFC86F3C8}" = Doomsday
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB9CD3A-F91F-233B-923B-6C59BA63524D}" = Catalyst Control Center HydraVision Full
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CDBE27D-87EC-434E-AFE4-D0116AE876BB}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{85A91C22-C369-FCFB-5F1F-D59EB21AD0E1}" = CCC Help English
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}" = Camera RAW Plug-In for EPSON Creativity Suite
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6D0140F-E62F-9D1E-2408-9CFF91FF6FC8}" = ccc-utility
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B63321ED-94B1-4933-BC31-AED50BFF5961}" = NavyFIELD Europe (DE)
"{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}" = EPSON Easy Photo Print
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C44A7422-E380-44BE-79FE-1C032D8A03A7}" = Catalyst Control Center Core Implementation
"{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}" = Hearts of Iron III
"{D2C7B6D7-A4DA-4447-93C7-65D06A068F27}" = SBK(TM)09 (Demo)
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D6D425D2-803F-40E8-9D65-3DC00D577C11}" = NavyFIELD NorthAmerica
"{DD5B65F7-7CA5-4DE4-AEE7-7E8F26BF78F5}" = OpenOffice.org 2.3
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E5D24929-91A4-B0A1-DE00-AFC453921EF7}" = Catalyst Control Center Graphics Light
"{E6C09BFB-BA75-15C7-5B18-A2CE31C4F42B}" = Catalyst Control Center Graphics Previews Common
"{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F6DD0D9E-C9C4-4CB9-91D4-39D665042151}" = German Landmarks FSX
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"259538F9B430E2EFD77FF23BCCEA06F735264EEF" = Windows Driver Package - Pinnacle Systems (3xHybrid) MEDIA (08/30/2005 1.3.3.0)
"2DBC1839DB68F9FDF98712F65581ED4735D4A40A" = Windows Driver Package - Pinnacle Systems (3xHybrid) MEDIA (08/30/2005 1.3.3.0)
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"9BB1E02AD36D0290FD110ACD847027286BC25C29" = Windows Driver Package - Pinnacle Systems (3xHybrid) MEDIA (08/30/2005 1.3.3.0)
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"CX4300_5500_DX4400 Handbuch" = CX4300_5500_DX4400 Handbuch
"Device Control" = Gerätesteuerung
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EAX" = Creative EAX-Konsole
"EAXSet" = Creative EAX-Einstellungen
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free Studio_is1" = Free Studio version 4.2
"Hamachi" = Hamachi 1.0.3.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.0.0 (Basic)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.16)" = Mozilla Firefox (3.0.16)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NeroVision!UninstallKey" = Nero Digital
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVEContent!UninstallKey" = NeroVision Express Content
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 1.51
"RivaTuner" = RivaTuner v2.06
"Streamripper" = Streamripper (Remove only)
"SysInfo" = Creative-Systeminformationen
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"The Rosetta Stone" = The Rosetta Stone
"VLC media player" = VLC media player 1.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WinUHA_is1" = WinUHA 2.0 RC1 (2005.02.27)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2003Setup" = Microsoft Works 2003-Setup-Start
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Zylom Games Player Plugin" = Zylom Games Player Plugin

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 08.01.2010 13:52:24 | Computer Name = ASUS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung msiexec.exe, Version 4.5.6001.22159, fehlgeschlagenes
Modul msihnd.dll, Version 3.1.4001.5512, Fehleradresse 0x00036935.

Error - 08.01.2010 13:53:02 | Computer Name = ASUS | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.

Error - 08.01.2010 13:53:18 | Computer Name = ASUS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung msiexec.exe, Version 4.5.6001.22159, fehlgeschlagenes
Modul msihnd.dll, Version 3.1.4001.5512, Fehleradresse 0x00036935.

Error - 08.01.2010 13:54:47 | Computer Name = ASUS | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.

Error - 08.01.2010 13:55:00 | Computer Name = ASUS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung msiexec.exe, Version 4.5.6001.22159, fehlgeschlagenes
Modul msihnd.dll, Version 3.1.4001.5512, Fehleradresse 0x00036935.

Error - 08.01.2010 14:17:13 | Computer Name = ASUS | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.

Error - 08.01.2010 14:17:16 | Computer Name = ASUS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung msiexec.exe, Version 4.5.6001.22159, fehlgeschlagenes
Modul msihnd.dll, Version 3.1.4001.5512, Fehleradresse 0x00036935.

Error - 08.01.2010 14:18:08 | Computer Name = ASUS | Source = EventSystem | ID = 4618
Description = Das COM+-Ereignissystem hat eine unerwartete Zugriffsverletzung bei
der Adresse 0x7C921129 ausgelöst, während es auf die Adresse 0x04312635 zuzugreifen
versuchte. Wenden Sie sich an den Microsoft-Produktsupport. ntdll!wcsncpy+0xbaa ole32!ComPs_NdrDllCanUnloadNow+0xfa
OLEAUT32!VariantInit+0x1e2
OLEAUT32!SysAllocStringLen+0x31
OLEAUT32!SysAllocString+0x22
es!+0x31bc5
es!+0x3228a
es!+0x25393
es!DllGetClassObject+0x704e
es!DllGetClassObject+0x165f
es!DllGetClassObject+0x1b10
es!+0x12661
es!+0x29d15
es!+0x2b14c
es!+0x2b394
es!+0x2b4d8
kernel32!GetModuleFileNameA+0x1ba

Error - 08.01.2010 14:22:52 | Computer Name = ASUS | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.

Error - 08.01.2010 14:24:02 | Computer Name = ASUS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung msiexec.exe, Version 4.5.6001.22159, fehlgeschlagenes
Modul msihnd.dll, Version 3.1.4001.5512, Fehleradresse 0x00036935.

[ System Events ]
Error - 08.01.2010 14:20:58 | Computer Name = ASUS | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Avira
AntiVir Planer.

Error - 08.01.2010 14:20:58 | Computer Name = ASUS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira AntiVir Planer" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 08.01.2010 14:20:58 | Computer Name = ASUS | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Avira
AntiVir Guard.

Error - 08.01.2010 14:20:58 | Computer Name = ASUS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira AntiVir Guard" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 08.01.2010 14:20:58 | Computer Name = ASUS | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Media Center Extender Service" ist vom Dienst "SSDP Discovery
Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 08.01.2010 14:20:58 | Computer Name = ASUS | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Microsoft Boot" wurde mit folgendem Fehler beendet: %%1114

Error - 08.01.2010 14:20:58 | Computer Name = ASUS | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Helper Support" wurde mit folgendem Fehler beendet: %%1114

Error - 08.01.2010 14:21:23 | Computer Name = ASUS | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst IMAPI-CD-Brenn-COM-Dienste.

Error - 08.01.2010 14:21:23 | Computer Name = ASUS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IMAPI-CD-Brenn-COM-Dienste" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 08.01.2010 14:21:35 | Computer Name = ASUS | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}


< End of report >

Alt 08.01.2010, 20:36   #5
MasterSMG
 
Viren problem - Standard

Viren problem



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:34:39, on 08.01.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Programme\Logitech\G-series Software\LGDCore.exe
C:\Programme\Logitech\G-series Software\LCDMon.exe
C:\Programme\RivaTuner v2.06\RivaTuner.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\Programme\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Programme\Logitech\G-series Software\Applets\LCDClock.exe
C:\Programme\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Programme\TuneUp Utilities 2008\MemOptimizer.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
C:\Downloads\ComboFix.exe
C:\Downloads\ComboFix.exe
C:\Downloads\test.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Downloads\test.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/fuji/defaults/su/*http://www.yahoo.com
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programme\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programme\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [RivaTuner] "C:\Programme\RivaTuner v2.06\RivaTuner.exe" /T
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programme\TuneUp Utilities 2008\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Games\PartyPoker\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Games\PartyPoker\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212652453843
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.6.0_03) -
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15031/CTPID.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 9666 bytes


Alt 09.01.2010, 00:00   #6
undoreal
/// AVZ-Toolkit Guru
 
Viren problem - Standard

Viren problem



Schön, dass du versuchst dich selber zu informieren aber dieser Satz war ernst gemeint:
Zitat:
Ach ja, installiere keine anderen Anti irgendwas Programme mehr! Wir sagen dir was installiert wird und was nicht.


Also bitte unternimm ab jetzt nichts mehr auf eigene Faußt! Selber recherchieren ist sehr gut aber bevor du etwas machst sprich das bitte mit uns ab!

So, nun zurück zu deinem Problem:

Downloade dir AVZ auf folgendem Weg. Das sollte funktionieren:

Download:

1. Lege dir einen eigenen Ordner für AVZ unter folgendem Pfad an: C:\AVZ

2. Klicke mit einem rechts Klick auf diesen Link: Toolkit und wähle speichern unter:
  • Dateiname: 1111111.com und wähle als
  • Speicherort: C:\AVZ (den eben von dir erstellten Ordner)



3. Das Programm muss nicht installiert werden sondern ist direkt betriebsbereit.


Gehe danach genau so vor wie es weiter in der Anleitung beschrieben wird.
__________________
--> Viren problem

Geändert von undoreal (09.01.2010 um 00:06 Uhr)

Antwort

Themen zu Viren problem
abgebrochen, avira, dateien, fehler, gesperrt, hilfe!, hilfe!!, hilfe!!!, internet, kaspersky, klicke, mas, meldung, ordner, problem, programm, rechner, rum, sanduhr, seite, spybot, starten, viren, virus, warnung, windows, windows fehler



Ähnliche Themen: Viren problem


  1. Mögliches Viren Problem
    Log-Analyse und Auswertung - 12.06.2012 (1)
  2. Problem mit Viren
    Plagegeister aller Art und deren Bekämpfung - 19.12.2011 (45)
  3. Problem mit Viren vernichtung
    Plagegeister aller Art und deren Bekämpfung - 30.05.2011 (21)
  4. Viren Problem!
    Plagegeister aller Art und deren Bekämpfung - 16.12.2010 (10)
  5. Firefox problem, Anti-banner problem, Flashplayer problem, Viren problem?
    Plagegeister aller Art und deren Bekämpfung - 03.10.2010 (11)
  6. Längeres (Viren)Problem
    Plagegeister aller Art und deren Bekämpfung - 27.05.2010 (3)
  7. reader_s.exe - Problem mit div. Viren...
    Log-Analyse und Auswertung - 12.04.2010 (3)
  8. Hilfe, Viren Problem
    Plagegeister aller Art und deren Bekämpfung - 16.06.2009 (7)
  9. Trojaner/Viren Problem
    Plagegeister aller Art und deren Bekämpfung - 09.06.2009 (0)
  10. Erntes Viren Problem!
    Mülltonne - 12.11.2008 (0)
  11. Viren/Spybot Problem
    Plagegeister aller Art und deren Bekämpfung - 14.06.2008 (3)
  12. Problem mit Viren: Shark.gen, usw...
    Log-Analyse und Auswertung - 16.04.2008 (9)
  13. Viren und Bluescreen Problem
    Plagegeister aller Art und deren Bekämpfung - 26.02.2008 (2)
  14. Viren Problem
    Plagegeister aller Art und deren Bekämpfung - 26.03.2005 (6)
  15. HILFE!!! Viren problem
    Plagegeister aller Art und deren Bekämpfung - 27.11.2004 (2)
  16. Viren Problem
    Plagegeister aller Art und deren Bekämpfung - 16.03.2003 (11)
  17. Problem mit Viren
    Plagegeister aller Art und deren Bekämpfung - 14.02.2003 (26)

Zum Thema Viren problem - moin, ich habe ein riesen problem ich habe vor kurzem die fehler meldung bekommen das ich einen virus habe und habe den einfach in Karantäne verschoben/gelöscht und ich dachte es - Viren problem...
Archiv
Du betrachtest: Viren problem auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.