Trojaner-Board - MBAM Log hat einiges gefunden, löschen oder nicht?

sry, dass ich jetzt erst antworte, hatte viel um die ohren, hier die 2 Logfiles:

Ich habe nicht auf Quickscan gedrückt, sondern auf Scan, da er mir sonst nicht die Extra Logfile erstellt hätte.

Ich habe meinen SD Karten Reader mit der SD Karte angeschlossen ( Drive H: ), die auch mit dem Wurm befallen war (welchen ich aber "angeblich" gelöscht hab)

Code:

OTL logfile created on: 24.06.2010 16:48:13 - Run 5

OTL by OldTimer - Version 3.2.5.3     Folder = D:\Spiele\Movies

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

512,00 Mb Total Physical Memory | 251,00 Mb Available Physical Memory | 49,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 28,00 Gb Total Space | 1,24 Gb Free Space | 4,44% Space Free | Partition Type: NTFS

Drive D: | 46,53 Gb Total Space | 1,44 Gb Free Space | 3,10% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

Drive H: | 982,13 Mb Total Space | 93,42 Mb Free Space | 9,51% Space Free | Partition Type: FAT

I: Drive not present or media not loaded

 

Computer Name: Weggemacht

Current User Name: Weggemacht

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 90 Days

Output = Minimal

 
 ========== Processes (SafeList) ==========

 

PRC - D:\Spiele\Movies\OTL.exe (OldTimer Tools)

PRC - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - D:\Programme\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

PRC - D:\Programme\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)

PRC - D:\Programme\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)

PRC - D:\Programme\AVG\AVG8\avgam.exe (AVG Technologies CZ, s.r.o.)

PRC - D:\Programme\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

PRC - D:\Programme\Razer\DeathAdder\razerhid.exe ()

PRC - D:\Programme\Razer\DeathAdder\razerofa.exe (Razer Inc.)

PRC - D:\Programme\Razer\DeathAdder\razertra.exe ()

PRC - c:\Programme\Gemeinsame Dateien\Logitech\LVMVFM\LVPrcSrv.exe (Logitech Inc.)

PRC - C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)

PRC - C:\WINDOWS\system32\ElkCtrl.exe (Logitech Inc.)

PRC - C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)

PRC - C:\WINDOWS\LTSMMSG.exe (Lucent Technologies)

PRC - C:\WINDOWS\system32\Crypserv.exe (Kenonic Controls Ltd.)

 

 
 ========== Modules (SafeList) ==========

 

MOD - D:\Spiele\Movies\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\nview.dll ()

MOD - C:\WINDOWS\system32\nvwrsde.dll (NVIDIA Corporation)

MOD - C:\WINDOWS\system32\nvwddi.dll (NVIDIA Corporation)

MOD - C:\Programme\Gemeinsame Dateien\Logitech\LVMVFM\LVPrcInj.dll (Logitech Inc.)

MOD - C:\Programme\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)

MOD - C:\WINDOWS\system32\SSSensor.dll (Sygate Technologies, Inc.)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (NMIndexingService) --  File not found

SRV - (MSCamSvc) --  File not found

SRV - (MBAMService) -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (avg8wd) -- D:\Programme\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()

SRV - (LVPrcSrv) -- c:\Programme\Gemeinsame Dateien\Logitech\LVMVFM\LVPrcSrv.exe (Logitech Inc.)

SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (SmcService) -- C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)

SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Programme\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)

SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Programme\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)

SRV - (SPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)

SRV - (Crypkey License) -- C:\WINDOWS\System32\Crypserv.exe (Kenonic Controls Ltd.)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (AvgRkx86) -- C:\WINDOWS\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)

DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (DAdderFltr) -- C:\WINDOWS\system32\drivers\dadder.sys (Razer (Asia-Pacific) Pte Ltd)

DRV - (scramby) -- C:\WINDOWS\system32\drivers\scramby.sys (RapidSolution Software AG)

DRV - (VX1000) -- C:\WINDOWS\system32\drivers\VX1000.sys (Microsoft Corporation)

DRV - (SVKP) -- C:\WINDOWS\system32\SVKP.sys (AntiCracking)

DRV - (lvmvdrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys ()

DRV - (LVPrcMon) -- C:\WINDOWS\system32\drivers\LVPrcMon.sys ()

DRV - (Lvckap) -- C:\WINDOWS\system32\drivers\Lvckap.sys ()

DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)

DRV - (LVUVC) Logitech QuickCam Pro 5000(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)

DRV - (lvpopflt) -- C:\WINDOWS\system32\drivers\lvpopflt.sys (Logitech Inc.)

DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)

DRV - (SPCP825K) -- C:\WINDOWS\system32\drivers\SPCP825K.sys (SUNPLUS TECHNOLOGY Co., LTD.)

DRV - (wg6n) -- C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys (Sygate Technologies, Inc.)

DRV - (wg5n) -- C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys (Sygate Technologies, Inc.)

DRV - (wg4n) -- C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys (Sygate Technologies, Inc.)

DRV - (wg3n) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys (Sygate Technologies, Inc.)

DRV - (wpsdrvnt) -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Sygate Technologies, Inc.)

DRV - (Teefer) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys (Sygate Technologies, Inc.)

DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)

DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)

DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (UDTT2BDA) -- C:\WINDOWS\system32\drivers\UDTT2BDA.sys (DTV-DVB)

DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)

DRV - (SONYWBMS) Sony Memory Stick controller(WB) -- C:\WINDOWS\system32\drivers\SonyWBMS.sys (Sony Corporation)

DRV - (sisagp) -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation)

DRV - (WDM_YAMAHAAC97) -- C:\WINDOWS\system32\drivers\yacxgc.sys (YAMAHA CORPORATION)

DRV - (LucentSoftModem) -- C:\WINDOWS\system32\drivers\ltsm.sys (Lucent Technologies)

DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\R8139n51.sys (Realtek Semiconductor Corporation)

DRV - (camvid20) -- C:\WINDOWS\system32\drivers\camdrv21.sys (Microsoft Corporation)

DRV - (s3m) -- C:\WINDOWS\system32\drivers\s3m.sys (S3 Incorporated)

DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)

DRV - (NetworkX) -- C:\WINDOWS\system32\ckldrv.sys ()

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.live.com/sphome.aspx

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.live.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = <local>

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.update: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "www.google.de"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2

FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1

FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9

FF - prefs.js..extensions.enabledItems: {46868735-c3fa-47ce-8ce7-cce51a66aceb}:1.2

FF - prefs.js..extensions.enabledItems: facepad@lazyrussian.com:0.7.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {fd2f951f-77ea-4938-9493-0c892c027a13}:0.9.7

FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: D:\Programme\AVG\AVG8\Firefox [2010.01.07 12:19:04 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.06.24 16:08:02 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.06.24 16:08:02 | 000,000,000 | ---D | M]

 

[2008.08.26 22:43:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions

[2010.06.24 00:14:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions

[2010.05.22 23:31:37 | 000,000,000 | ---D | M] (Stylish) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}

[2008.08.27 14:15:40 | 000,000,000 | ---D | M] (oldbar) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}

[2010.05.04 10:57:36 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010.03.24 10:51:48 | 000,000,000 | ---D | M] (BlockSite) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}

[2010.01.04 14:41:28 | 000,000,000 | ---D | M] (Firefox 2, the theme, reloaded) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}

[2010.05.29 09:30:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\facepad@lazyrussian.com

[2010.01.08 10:45:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\piclens@cooliris.com

[2010.01.04 14:41:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}\chrome\mozapps\extensions

[2010.06.24 00:14:02 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions

[2010.06.06 18:28:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll

[2006.02.25 13:50:09 | 000,114,688 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\npmozax.dll

[2010.03.22 16:00:33 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml

[2010.03.22 16:00:33 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml

[2010.03.22 16:00:33 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml

[2010.03.22 16:00:33 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml

[2010.03.22 16:00:33 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.05.17 18:59:29 | 000,228,764 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1        localhost

O1 - Hosts: 127.0.0.1        www.iframedollars.biz

O1 - Hosts: 127.0.0.1        iframedollars.biz

O1 - Hosts: 127.0.0.1        www.allforadult.com

O1 - Hosts: 127.0.0.1        allforadult.com

O1 - Hosts: 127.0.0.1        www.vesbiz.biz

O1 - Hosts: 127.0.0.1        vesbiz.biz

O1 - Hosts: 127.0.0.1        www.aaasexypics.com

O1 - Hosts: 127.0.0.1        aaasexypics.com

O1 - Hosts: 127.0.0.1        www.virgin-tgp.net

O1 - Hosts: 127.0.0.1        virgin-tgp.net

O1 - Hosts: 127.0.0.1        www.5sec.biz

O1 - Hosts: 127.0.0.1        5sec.biz

O1 - Hosts: 127.0.0.1        conyc.com

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.1001-search.info

O1 - Hosts: 8020 more lines...

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Programme\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)

O3 - HKCU\..\Toolbar\ShellBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AVG8_TRAY] D:\Programme\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [DeathAdder] D:\Programme\Razer\DeathAdder\razerhid.exe ()

O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)

O4 - HKLM..\Run: [KernelFaultCheck]  File not found

O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\System32\ElkCtrl.exe (Logitech Inc.)

O4 - HKLM..\Run: [LTSMMSG] C:\WINDOWS\LTSMMSG.exe (Lucent Technologies)

O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [SmcService] C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe File not found

O4 - HKCU..\Run: [MessengerDiscovery] C:\Programme\MessengerDiscovery\MessengerDiscovery.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 16895

O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_20.dll (Sun Microsystems, Inc.)

O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Spiele\ICQLite\ICQLite.exe File not found

O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Spiele\ICQLite\ICQLite.exe File not found

O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKCU\..Trusted Domains: sony-europe.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: vaio-link.com ([]* in Trusted sites)

O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab (Minesweeper Flags Class)

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1275846902328 (WUWebControl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1275846892500 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class)

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} hxxp://messenger.msn.com/download/msnmessengersetupdownloader.cab (MsnMessengerSetupDownloadControl Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Programme\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)

O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Programme\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2002.11.28 22:22:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{2271acfd-0839-11df-b070-00e018e43330}\Shell - "" = AutoRun

O33 - MountPoints2\{2271acfd-0839-11df-b070-00e018e43330}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{2271acfd-0839-11df-b070-00e018e43330}\Shell\AutoRun\command - "" = H:\Startme.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 -  File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2002.11.28 22:22:02 | 000,000,000 | ---D | M]

NetSvcs: Iprip -  File not found

NetSvcs: Irmon -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp -  File not found

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (17746478449557504)

 
 ========== Files/Folders - Created Within 90 Days ==========

 

[2010.06.22 18:19:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Adobe Scripts

[2010.06.17 10:03:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Apple

[2010.06.06 22:19:21 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0

[2010.06.06 22:18:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates

[2010.06.06 22:07:06 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft CAPICOM 2.1.0.2

[2010.06.06 22:04:26 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe

[2010.06.06 22:03:48 | 000,454,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys

[2010.06.06 22:03:32 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll

[2010.06.06 22:03:31 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll

[2010.06.06 22:03:30 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll

[2010.06.06 22:02:41 | 000,352,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys

[2010.06.06 22:01:39 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll

[2010.06.06 21:59:27 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll

[2010.06.06 21:58:21 | 002,060,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe

[2010.06.06 21:58:20 | 002,183,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe

[2010.06.06 21:58:20 | 002,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe

[2010.06.06 21:58:20 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll

[2010.06.06 21:58:19 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll

[2010.06.06 21:58:18 | 002,139,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe

[2010.06.06 21:57:48 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll

[2010.06.06 21:57:44 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll

[2010.06.06 21:57:05 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys

[2010.06.06 19:55:32 | 000,015,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui

[2010.06.06 19:53:32 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\***\PrivacIE

[2010.06.06 19:50:36 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\***\IETldCache

[2010.06.06 19:32:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM

[2010.06.06 19:31:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8

[2010.06.06 18:28:55 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2010.06.06 18:28:55 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010.06.06 18:28:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010.06.06 18:28:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010.06.06 18:14:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun

[2010.06.06 17:35:14 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll

[2010.06.06 16:35:58 | 008,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll

[2010.06.06 13:38:34 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\Lfwpg70n.dll

[2010.06.06 13:38:33 | 000,350,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LTKRN70N.DLL

[2010.06.06 13:38:33 | 000,224,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFCMP70N.DLL

[2010.06.06 13:38:33 | 000,111,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\Lfpng70n.dll

[2010.06.06 13:38:33 | 000,093,184 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFTIF70N.DLL

[2010.06.06 13:38:33 | 000,055,808 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFFAX70N.DLL

[2010.06.06 13:38:33 | 000,055,296 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LTFIL70N.DLL

[2010.06.06 13:38:33 | 000,035,328 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFFPX70N.DLL

[2010.06.06 13:38:33 | 000,032,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\Lfgif70n.dll

[2010.06.06 13:38:33 | 000,028,672 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFLMA70N.DLL

[2010.06.06 13:38:33 | 000,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFICA70N.DLL

[2010.06.06 13:38:33 | 000,025,088 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFLMB70N.DLL

[2010.06.06 13:38:33 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\Lfpcx70n.dll

[2010.06.06 13:38:33 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFBMP70N.DLL

[2010.06.06 13:38:33 | 000,024,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFPCT70N.DLL

[2010.06.06 13:38:33 | 000,024,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\Lfeps70n.dll

[2010.06.06 13:38:33 | 000,022,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\Lfpsd70n.dll

[2010.06.06 13:38:33 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\Lftga70n.dll

[2010.06.06 13:38:33 | 000,020,480 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFIMG70N.DLL

[2010.06.06 13:38:33 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFCAL70N.DLL

[2010.06.06 13:38:33 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\Lfras70n.dll

[2010.06.06 13:38:33 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFPCD70N.DLL

[2010.06.06 13:38:33 | 000,019,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\Lfmsp70n.dll

[2010.06.06 13:38:33 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\Lfwfx70n.dll

[2010.06.06 13:38:33 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFMAC70N.DLL

[2010.06.06 13:38:33 | 000,017,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System\LFAVI70N.DLL

[2010.06.06 13:38:32 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\System\Pcdlib32.dll

[2010.06.06 13:38:21 | 000,000,000 | ---D | C] -- C:\Programme\BearPaw 1200CU

[2010.06.05 13:17:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes

[2010.06.05 13:16:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010.06.05 13:16:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010.06.05 13:16:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2010.05.21 00:28:47 | 000,000,000 | ---D | C] -- C:\Programme\Seagate

[2010.05.21 00:25:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel

[2010.05.06 20:30:35 | 000,000,000 | ---D | C] -- C:\Programme\MSECache

[2010.04.14 12:21:24 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip

[2010.04.13 20:10:34 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DVDVideoSoft

[2010.03.29 20:53:28 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll

[2010.03.29 20:52:03 | 000,000,000 | ---D | C] -- C:\Programme\iPod

[2010.03.29 20:51:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2010.03.29 20:50:23 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour

[2010.03.29 20:47:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Apple

[2010.03.29 20:47:06 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update

[2010.03.29 20:46:51 | 002,065,696 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll

[2010.03.29 20:45:43 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Apple

[2010.03.29 20:45:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple

[2004.11.24 20:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]

[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Programme\*.tmp files -> C:\Programme\*.tmp -> ]

[1 C:\*.tmp files -> C:\*.tmp -> ]

 
 ========== Files - Modified Within 90 Days ==========

 

[2010.06.24 15:35:21 | 000,192,454 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2010.06.24 15:34:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010.06.24 15:34:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010.06.24 15:34:23 | 536,449,024 | -HS- | M] () -- C:\hiberfil.sys

[2010.06.24 15:34:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs

[2010.06.24 13:45:29 | 018,612,224 | ---- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.dat

[2010.06.24 02:57:35 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini

[2010.06.23 23:33:25 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010.06.23 11:27:16 | 061,351,799 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2010.06.22 01:46:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010.06.20 22:13:54 | 000,064,740 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Bild1.jpg

[2010.06.19 15:22:09 | 000,005,112 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Bild2.JPG

[2010.06.19 15:06:52 | 000,045,672 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Joa3.JPG

[2010.06.18 22:32:18 | 000,098,063 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Okay4.JPG

[2010.06.17 10:03:05 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010.06.16 12:48:03 | 000,174,080 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.06.13 21:56:09 | 000,426,778 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2010.06.13 21:56:09 | 000,413,166 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010.06.13 21:56:09 | 000,067,260 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010.06.13 21:56:08 | 000,992,322 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010.06.13 21:56:08 | 000,079,480 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2010.06.07 20:49:19 | 000,018,089 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Iphone4.jpg

[2010.06.07 20:48:01 | 000,045,806 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Iphone42.jpg

[2010.06.07 00:28:29 | 000,124,664 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT

[2010.06.06 23:28:10 | 000,024,064 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Ka.doc

[2010.06.06 22:51:25 | 001,678,736 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010.06.06 22:26:40 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010.06.06 22:12:10 | 000,001,087 | ---- | M] () -- C:\WINDOWS\win.ini

[2010.06.01 23:00:50 | 000,020,480 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Nach.doc

[2010.05.25 22:04:23 | 000,161,479 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Okkk.jpg

[2010.05.22 18:06:18 | 000,230,144 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Okk5.jpg

[2010.05.21 12:51:40 | 002,304,154 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\CIMG6007.JPG

[2010.05.21 12:49:52 | 002,025,875 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\CIMG6004.JPG

[2010.05.21 12:48:08 | 002,288,715 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\CIMG6001.JPG

[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010.04.18 04:07:08 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI

[2010.04.12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010.04.12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2010.04.12 15:19:02 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]

[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Programme\*.tmp files -> C:\Programme\*.tmp -> ]

[1 C:\*.tmp files -> C:\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2010.06.20 22:13:43 | 000,064,740 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Bild1.jpg

[2010.06.19 15:22:09 | 000,005,112 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Bild2.JPG

[2010.06.19 15:06:52 | 000,045,672 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Joa3.JPG

[2010.06.18 22:32:18 | 000,098,063 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Okay4.JPG

[2010.06.07 20:49:18 | 000,018,089 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Iphone4.jpg

[2010.06.07 20:47:49 | 000,045,806 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Iphone42.jpg

[2010.06.06 13:38:33 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System\LFFPX7.DLL

[2010.06.06 13:38:31 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System\BPEnhan.dll

[2010.06.06 13:38:25 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System\Capi2032.dll

[2010.06.06 13:38:23 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System\LFKODAK.DLL

[2010.06.01 14:22:01 | 000,020,480 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Nach.doc

[2010.05.25 22:04:22 | 000,161,479 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\okkk.jpg

[2010.05.23 21:36:39 | 002,304,154 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\CIMG6007.JPG

[2010.05.23 21:36:33 | 002,288,715 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\CIMG6001.JPG

[2010.05.23 21:36:32 | 002,025,875 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\CIMG6004.JPG

[2010.05.22 17:42:24 | 000,230,144 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Hso.jpg

[2010.05.14 15:04:10 | 000,024,064 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Ka.doc

[2010.03.29 20:47:21 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010.03.26 11:39:06 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI

[2009.06.25 13:45:22 | 000,000,209 | ---- | C] () -- C:\WINDOWS\WINCMD.INI

[2009.01.15 09:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2009.01.15 09:19:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2009.01.15 09:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2009.01.15 09:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2008.12.19 16:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll

[2008.12.17 18:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll

[2008.12.17 18:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll

[2008.12.17 18:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2008.12.17 18:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll

[2008.12.17 17:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll

[2008.12.11 12:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2008.11.20 16:57:18 | 000,013,126 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini

[2008.11.20 16:38:12 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini

[2008.08.26 03:26:25 | 000,000,065 | ---- | C] () -- C:\WINDOWS\FISHUI.INI

[2008.08.25 22:04:38 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LAME_MP3.dll

[2008.07.26 14:06:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhoneBkExe.INI

[2008.05.26 20:14:00 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll

[2008.05.26 20:14:00 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll

[2008.05.26 20:14:00 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll

[2008.05.26 20:14:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\Ogg.dll

[2007.11.18 03:24:09 | 000,000,051 | ---- | C] () -- C:\WINDOWS\TSetup.INI

[2007.08.13 02:10:48 | 000,000,031 | ---- | C] () -- C:\WINDOWS\custvoic.ini

[2007.06.09 20:51:22 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll

[2007.01.12 01:57:49 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit.INI

[2006.09.11 19:59:34 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini

[2006.09.01 17:47:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI

[2006.09.01 17:47:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EngineExe.INI

[2006.09.01 17:47:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AlbumExe.INI

[2006.09.01 17:42:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VideoExe.INI

[2006.09.01 17:41:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MelodyExe.INI

[2006.09.01 17:36:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FileMgrExe.INI

[2006.09.01 17:30:03 | 000,000,721 | ---- | C] () -- C:\WINDOWS\Remove.ini

[2006.08.27 01:34:48 | 000,000,089 | ---- | C] () -- C:\WINDOWS\ULead32.ini

[2006.07.07 21:30:22 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\ts.dll

[2006.07.03 08:39:36 | 000,941,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys

[2006.05.02 19:56:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI

[2006.04.10 00:16:49 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2005.12.09 16:37:42 | 002,400,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVMVdrv.sys

[2005.12.09 16:37:42 | 000,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys

[2005.12.09 16:35:54 | 002,174,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys

[2005.12.08 21:09:25 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll

[2005.10.16 19:11:35 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys

[2005.08.24 17:09:45 | 000,000,016 | ---- | C] () -- C:\WINDOWS\SCN.ini

[2005.08.22 16:25:13 | 000,308,736 | ---- | C] () -- C:\WINDOWS\System32\fpxlib.dll

[2005.08.22 16:25:13 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\jpeglib.dll

[2005.08.22 16:24:58 | 000,000,679 | ---- | C] () -- C:\WINDOWS\videoimp.ini

[2005.08.22 16:24:32 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

[2005.07.13 15:05:56 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\winxp32.sys

[2005.05.28 17:40:22 | 000,006,852 | ---- | C] () -- C:\WINDOWS\System32\drivers\Vcs.sys

[2005.04.28 06:22:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll

[2005.04.28 06:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll

[2005.04.25 16:14:24 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini

[2005.03.03 16:18:59 | 000,000,684 | ---- | C] () -- C:\WINDOWS\Sof.INI

[2005.02.22 21:12:27 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Crypkey.ini

[2005.02.22 21:12:22 | 000,024,608 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys

[2005.02.22 21:12:22 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll

[2005.01.18 22:45:29 | 000,000,016 | ---- | C] () -- C:\WINDOWS\odbctrp.ini

[2005.01.03 15:23:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\sqlhpif.dll

[2004.12.31 15:37:35 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

[2004.12.20 19:13:39 | 000,001,962 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2004.12.16 19:00:04 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS47.DLL

[2004.12.07 21:31:36 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2004.10.15 19:31:56 | 000,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll

[2004.10.08 14:45:12 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll

[2004.10.03 18:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll

[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[2002.11.29 15:39:08 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2002.11.29 13:57:51 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll

[2002.11.29 13:52:19 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\sx5363.ini

[2002.11.29 13:34:16 | 000,262,416 | ---- | C] () -- C:\WINDOWS\System32\ASFV2.DLL

[2002.11.29 13:33:19 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll

[2002.11.29 10:22:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\winio.sys

[2002.11.28 23:11:57 | 000,002,910 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2002.11.28 22:26:01 | 000,000,857 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2002.05.18 00:18:30 | 000,124,928 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll

[2000.07.27 02:13:02 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

[1999.01.27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll

 
 ========== LOP Check ==========

 

[2008.03.02 01:15:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Grisoft

[2008.07.14 13:06:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ

[2007.06.15 22:25:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus!

[2007.06.04 20:08:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Screaming Bee

[2009.07.16 14:40:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan

[2007.02.20 21:29:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony

[2010.06.24 02:55:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

[2006.10.08 21:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software

[2005.09.15 22:46:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems

[2007.06.20 17:06:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint

[2009.06.25 10:22:34 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357}

[2010.03.29 20:53:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2007.06.20 17:28:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\acccore

[2008.08.26 01:46:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DataCast

[2009.06.06 12:31:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\dBpoweramp

[2009.09.16 23:29:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Fit3DLive

[2006.10.31 15:25:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FlashFXP

[2008.01.02 13:20:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Gadu-Gadu

[2006.09.14 14:34:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\GeoVid

[2010.06.11 12:21:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ

[2005.02.22 23:09:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQLite

[2002.11.29 13:31:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\InterTrust

[2006.04.25 21:31:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\MCMPEGEnc

[2006.12.16 19:21:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Pegasys Inc

[2007.02.20 21:46:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Publish Providers

[2007.06.04 20:08:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Screaming Bee

[2007.04.01 11:45:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Sony

[2006.10.06 13:50:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Teleca

[2005.03.15 16:48:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Tenebril

[2006.10.07 00:28:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\TuneUp Software

[2005.05.21 19:46:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Ulead Systems

[2006.10.24 20:24:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Uniblue

[2009.11.17 20:27:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Unity
 

[2005.01.03 19:06:41 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\XoftSpy.job

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %SYSTEMDRIVE%\*.* >

[2006.01.17 23:39:45 | 000,000,178 | ---- | M] () -- C:\548e30bc.txt

[2006.03.18 03:09:26 | 000,000,208 | ---- | M] () -- C:\548e4d0e.txt

[2005.05.29 13:28:02 | 000,000,166 | ---- | M] () -- C:\548e6363.txt

[2006.05.09 14:49:42 | 000,000,167 | ---- | M] () -- C:\548e65e9.txt

[2006.02.23 22:12:38 | 000,000,168 | ---- | M] () -- C:\548e6a46.txt

[2005.08.13 14:30:07 | 000,000,170 | ---- | M] () -- C:\548e7af7.txt

[2002.11.28 22:22:31 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2009.06.26 07:28:00 | 000,000,389 | RHS- | M] () -- C:\boot.ini

[2002.08.29 14:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin

[2002.11.28 22:22:31 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2008.05.08 14:37:57 | 000,000,319 | ---- | M] () -- C:\drmHeader.bin

[2010.06.24 15:34:23 | 536,449,024 | -HS- | M] () -- C:\hiberfil.sys

[2006.09.01 17:34:46 | 000,544,472 | ---- | M] () -- C:\HMV9Inst.log

[2007.02.05 01:02:18 | 000,000,167 | ---- | M] () -- C:\ICQLite.log

[2007.03.06 20:23:18 | 000,003,015 | ---- | M] () -- C:\INSTALL.LOG

[2002.11.28 22:22:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2006.09.01 17:35:49 | 000,003,537 | ---- | M] () -- C:\MALog.txt

[2006.05.20 21:56:04 | 000,000,081 | ---- | M] () -- C:\MessengerDiscoveryDebug.log

[2010.04.13 20:03:40 | 000,050,899 | ---- | M] () -- C:\MP4debug.log

[2008.08.25 23:32:56 | 000,000,176 | ---- | M] () -- C:\mp4log.txt

[2002.11.28 22:22:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004.12.05 02:07:22 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2004.12.05 02:07:22 | 000,251,184 | RHS- | M] () -- C:\ntldr

[2010.06.24 15:34:21 | 804,569,088 | -HS- | M] () -- C:\pagefile.sys

[2008.06.03 14:16:54 | 000,001,812 | ---- | M] () -- C:\PhMgr.log

[2007.11.22 15:27:39 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm

[2008.01.21 08:21:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm

[2008.02.04 17:53:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm

[2008.04.27 18:32:45 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm

[2008.04.27 18:32:45 | 000,000,148 | -H-- | M] () -- C:\sqmdata04.sqm

[2008.04.27 18:32:45 | 000,000,148 | -H-- | M] () -- C:\sqmdata05.sqm

[2008.05.30 19:31:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm

[2008.07.11 18:37:52 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm

[2009.07.11 21:06:27 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm

[2009.07.11 21:06:27 | 000,000,148 | -H-- | M] () -- C:\sqmdata09.sqm

[2007.11.22 15:27:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm

[2008.01.21 08:21:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm

[2008.02.04 17:53:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm

[2008.04.27 18:32:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm

[2008.04.27 18:32:45 | 000,000,136 | -H-- | M] () -- C:\sqmnoopt04.sqm

[2008.05.30 19:31:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm

[2008.07.11 18:37:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm

[2009.07.11 21:06:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm

[2009.07.11 21:06:27 | 000,000,136 | -H-- | M] () -- C:\sqmnoopt08.sqm

[2006.09.14 21:52:11 | 000,117,640 | ---- | M] () -- C:\test.htm

[2006.02.01 01:17:53 | 000,000,522 | ---- | M] () -- C:\Vtterr.log

[2010.06.06 00:08:45 | 000,002,688 | ---- | M] () -- C:\Win32.Worm.Downladup.Gen.log

[1 C:\*.tmp files -> C:\*.tmp -> ]

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[16 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 
 < %systemroot%\Tasks\*.job /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2002.11.28 23:14:39 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2002.11.28 23:14:39 | 000,606,208 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

[2002.11.28 23:14:39 | 000,393,216 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

 
 < %systemroot%\system32\drivers\*.sys /90 >

[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys

[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 99 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:EF6E4E62

@Alternate Data Stream - 365 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF

< End of report >

Code:

OTL Extras logfile created on: 24.06.2010 16:48:13 - Run 5

OTL by OldTimer - Version 3.2.5.3     Folder = D:\Spiele\Movies

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

512,00 Mb Total Physical Memory | 251,00 Mb Available Physical Memory | 49,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): C:\pagefile.sys 0 0D:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 28,00 Gb Total Space | 1,24 Gb Free Space | 4,44% Space Free | Partition Type: NTFS

Drive D: | 46,53 Gb Total Space | 1,44 Gb Free Space | 3,10% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

Drive H: | 982,13 Mb Total Space | 93,42 Mb Free Space | 9,51% Space Free | Partition Type: FAT

I: Drive not present or media not loaded

 

Computer Name: Weggemacht

Current User Name: Weggemacht

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 90 Days

Output = Minimal

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [Winamp.Bookmark] -- "D:\Spiele\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)

Directory [Winamp.Enqueue] -- "D:\Spiele\Winamp\winamp.exe" /ADD "%1" (Nullsoft)

Directory [Winamp.Play] -- "D:\Spiele\Winamp\winamp.exe" "%1" (Nullsoft)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirewallDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"1295:TCP" = 1295:TCP:*:Enabled:kpouggn

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Programme\Gadu-Gadu\gg.exe" = C:\Programme\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny -- (Gadu-Gadu S.A.)

"D:\Spiele\EA GAMES\Nightfire\Bond.exe" = D:\Spiele\EA GAMES\Nightfire\Bond.exe:*:Enabled:Bond -- File not found

"D:\Spiele\Steam\Steam.exe" = D:\Spiele\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)

"D:\Spiele\Steam1\Steam.exe" = D:\Spiele\Steam1\Steam.exe:*:Enabled:Steam -- File not found

"D:\Spiele\Steam1\SteamApps\ichbins893492\counter-strike\hl.exe" = D:\Spiele\Steam1\SteamApps\ichbins893492\counter-strike\hl.exe:*:Enabled:Half-Life Launcher -- File not found

"C:\Dokumente und Einstellungen\***\Eigene Dateien\incredimail_install.exe" = C:\Dokumente und Einstellungen\***\Eigene Dateien\incredimail_install.exe:*:Enabled:IncrediMail Installer -- File not found

"C:\Programme\WinMX\WinMX.exe" = C:\Programme\WinMX\WinMX.exe:*:Enabled:WinMX Application -- File not found

"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- File not found

"C:\Programme\Java\j2re1.4.2_03\bin\javaw.exe" = C:\Programme\Java\j2re1.4.2_03\bin\javaw.exe:*:Enabled:javaw -- ()

"C:\Programme\Yahoo!\Messenger\YPager.exe" = C:\Programme\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- File not found

"C:\Programme\Yahoo!\Messenger\YServer.exe" = C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found

"D:\Spiele\Skype\Phone\Skype.exe" = D:\Spiele\Skype\Phone\Skype.exe:*:Enabled:Skype -- File not found

"C:\Programme\Tlen.pl\tlen.exe" = C:\Programme\Tlen.pl\tlen.exe:*:Enabled:Komunikator Tlen.pl -- (o2.pl Sp. z o.o.)

"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"D:\Spiele\ICQLite\ICQLite.exe" = D:\Spiele\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- File not found

"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)

"C:\Programme\Gemeinsame Dateien\AOL\Loader\aolload.exe" = C:\Programme\Gemeinsame Dateien\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- File not found

"C:\Programme\Gemeinsame Dateien\AOL\1182351920\ee\aolsoftware.exe" = C:\Programme\Gemeinsame Dateien\AOL\1182351920\ee\aolsoftware.exe:*:Enabled:AOL Services -- File not found

"C:\Programme\Gemeinsame Dateien\AOL\1182351920\ee\aim6.exe" = C:\Programme\Gemeinsame Dateien\AOL\1182351920\ee\aim6.exe:*:Enabled:AIM -- File not found

"D:\Programme\ICQ6\ICQ.exe" = D:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found

"D:\Programme\AVG\AVG8\avgupd.exe" = D:\Programme\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)

"D:\Programme\AVG\AVG8\avgnsx.exe" = D:\Programme\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)

"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)

"C:\Programme\Microsoft LifeCam\LifeExp.exe" = C:\Programme\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- File not found

"D:\Programme\ICQ6.5\ICQ.exe" = D:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)

"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"D:\Programme\iTunes\iTunes.exe" = D:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

"D:\Spiele\Steam\SteamApps\ichbins893492\counter-strike\hl.exe" = D:\Spiele\Steam\SteamApps\ichbins893492\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{117C01B5-9D68-4A15-85E2-A7CDFA82CEB9}" = OpenMG Secure Module 3.1

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2366D960-F00F-11D3-99D3-00C04FCCB775}" = VAIO System Information

"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2

"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 20

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}" = Music Visualizer Library 1.4.00

"{3C67D8C0-F0EC-11D3-99D3-00C04FCCB775}" = VAIO Action Setup

"{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager

"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger

"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}" = Microsoft Works Suite-Add-Ins für Microsoft Word

"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call

"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5

"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup

"{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings

"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0

"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03

"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage 

"{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{84B2CF01-194D-2284-B313-F2E0D78D1031}" = Nero 7 Demo

"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96965E6C-41DB-4E0A-BC65-D92381D51D2A}" = Sony Vegas 7.0

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support

"{AB3F9E62-1C4A-45DA-96E4-BFEB26C73F18}" = USB to UART Adapter Driver Installer

"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch

"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player

"{C191BE7C-8542-4A61-973A-714EF76C5995}" = Logitech QuickCam-Software

"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax

"{C19DBE5E-712E-4F02-8380-ECEDD951B374}" = Fujitsu Siemens Computers digital TV

"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio

"{C9E129BC-27D3-436E-BAAC-4CE81E0962F1}" = Sony Media Manager 2.2

"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)

"{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}" = Razer DeathAdder(TM) Mouse

"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F34D9A5F-484A-4E31-A9D3-908CB265B289}" = Sygate Personal Firewall

"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials

"{FE58B892-3825-4610-A6A2-E6EFCA83BD97}" = Ulead PhotoImpact 10 ESD

"13860389BCE916343D6A5C65169C6F0C6BF6E3EA" = Windows Driver Package - Cypress (CyUsb) USB 

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2

"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings

"AVG8Uninstall" = AVG 8.5

"CANONBJ_Deinstall_CNMCP47.DLL" = Canon i320

"CCleaner" = CCleaner (remove only)

"Cole2k Media - Codec Pack (Video)" = Cole2k Media - Codec Pack (Video)

"DA73216D935E3CBA996AFD6E6513ECC587E0C3C1" = Windows Driver Package - Razer (HidUsb) HIDClass  (02/02/2007 1.0.5.0)

"FLVPlayer" = FLV Player 1.3.3

"Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 2.4

"Gadu-Gadu" = Gadu-Gadu 7.7

"GoldWave v5.12" = GoldWave v5.12

"Great Deal Provider_is1" = Great Deal Provider

"HijackThis" = HijackThis 1.99.1

"ICQToolbar" = ICQ Toolbar

"ie8" = Windows Internet Explorer 8

"Indeo® XP Software" = Indeo® XP Software

"InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VAIO Online-Registration (Deutsch)

"InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio

"Lucent Technologies Soft Modem" = Lucent Technologies Soft Modem AMR

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Messenger Plus! Live" = Messenger Plus! Live

"MessengerDiscovery 1.3.1_is1" = MessengerDiscovery 1.3.1

"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0

"Mozilla Firefox (3.6.4)" = Mozilla Firefox (3.6.4)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MyFreeCodec" = MyFreeCodec

"NVIDIA Drivers" = NVIDIA Drivers

"OpenMG HotFix3.1-02-08-09-01" = OpenMG Limited Patch 3.1-02-10-23-01

"OpenMG HotFix3.1-02-08-15-01" = OpenMG Limited Patch 3.1-02-10-22-01

"QcDrv" = Logitech® Camera-Treiber

"Shockwave" = Shockwave

"ShockwaveFlash" = Adobe Flash Player 9 ActiveX

"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)

"Skype_is1" = Skype 3.0

"Steam" = Steam

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"Tlen.pl" = Tlen.pl

"TMPGEnc Studio_is1" = TMPGEnc Studio 1.1

"Total Video Converter 3.0 beta_is1" = Total Video Converter 3.0 beta

"Uninstall_is1" = Uninstall 1.0.0.1

"ViewpointMediaPlayer" = Viewpoint Media Player

"Virtualdub 1.4.9" = Virtualdub 1.4.9

"VLC media player" = VLC media player 1.0.3

"Winamp" = Winamp (remove only)

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 2

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR Archivierer

"Wisdom-soft Set up ASR 3.1 Free" = Wisdom-soft Set up ASR 3.1 Free

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Works2004Setup" = Setup-Start von Microsoft Works 2004

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XP Codec Pack" = XP Codec Pack

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"UnityWebPlayer" = Unity Web Player

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 10.06.2010 13:03:58 | Computer Name = Weggemacht | Source = nview_info | ID = 11141121

Description = 

 

Error - 10.06.2010 13:03:58 | Computer Name = Weggemacht | Source = nview_info | ID = 11141121

Description = 

 

Error - 10.06.2010 13:03:58 | Computer Name = Weggemacht | Source = nview_info | ID = 11141121

Description = 

 

Error - 10.06.2010 13:03:59 | Computer Name = Weggemacht | Source = nview_info | ID = 11141121

Description = 

 

Error - 10.06.2010 13:03:59 | Computer Name = Weggemacht | Source = nview_info | ID = 11141121

Description = 

 

Error - 10.06.2010 13:04:02 | Computer Name = Weggemacht | Source = nview_info | ID = 11141121

Description = 

 

Error - 10.06.2010 13:04:02 | Computer Name = Weggemacht | Source = nview_info | ID = 11141121

Description = 

 

Error - 10.06.2010 13:04:03 | Computer Name = Weggemacht | Source = nview_info | ID = 11141121

Description = 

 

Error - 10.06.2010 13:04:03 | Computer Name = Weggemacht | Source = nview_info | ID = 11141121

Description = 

 

Error - 23.06.2010 07:49:28 | Computer Name = Weggemacht | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung applemobiledevicehelper.exe, Version 8.4.599.1,

 fehlgeschlagenes Modul msvcrt.dll, Version 7.0.2600.2180, Fehleradresse 0x00032332.

 

[ System Events ]

Error - 23.06.2010 12:33:32 | Computer Name = Weggemacht | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Aspi32" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%2

 

Error - 23.06.2010 12:33:32 | Computer Name = Weggemacht | Source = Service Control Manager | ID = 7000

Description = Der Dienst "MSCamSvc" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%3

 

Error - 23.06.2010 13:06:45 | Computer Name = Weggemacht | Source = W32Time | ID = 39452689

Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten

 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15

 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.

 (0x80072751)

 

Error - 23.06.2010 13:06:45 | Computer Name = Weggemacht | Source = W32Time | ID = 39452701

Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren

 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der

 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle

 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.

 

Error - 23.06.2010 16:49:39 | Computer Name = Weggemacht | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Aspi32" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%2

 

Error - 23.06.2010 16:49:39 | Computer Name = Weggemacht | Source = Service Control Manager | ID = 7000

Description = Der Dienst "MSCamSvc" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%3

 

Error - 24.06.2010 05:48:55 | Computer Name = Weggemacht | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Aspi32" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%2

 

Error - 24.06.2010 05:48:55 | Computer Name = Weggemacht | Source = Service Control Manager | ID = 7000

Description = Der Dienst "MSCamSvc" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%3

 

Error - 24.06.2010 09:35:52 | Computer Name = Weggemacht | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Aspi32" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%2

 

Error - 24.06.2010 09:35:52 | Computer Name = Weggemacht | Source = Service Control Manager | ID = 7000

Description = Der Dienst "MSCamSvc" wurde aufgrund folgenden Fehlers nicht gestartet:

   %%3

 

 

< End of report >

Sry, dass es so lange gedauert hat, hatte viel zu tun.

ComboFix Log File:

Code:

ComboFix 10-07-03.06 - Weggemacht 06.07.2010  19:26:41.1.1 - x86

Microsoft Windows XP Home Edition  5.1.2600.2.1252.49.1031.18.512.281 [GMT 2:00]

ausgeführt von:: c:\dokumente und einstellungen\Weggemacht\Desktop\Combo-Fix.exe

AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FW: Sygate Personal Firewall *disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}

.
 

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.
 

c:\windows\system32\muzapp.exe

c:\windows\xpsp1hfm.log
 

.

(((((((((((((((((((((((   Dateien erstellt von 2010-06-06 bis 2010-07-06  ))))))))))))))))))))))))))))))

.
 

2010-07-04 16:09 . 2010-07-04 16:10        --------        d-----w-        c:\programme\XP Codec Pack

2010-07-04 15:57 . 2010-03-15 09:31        165376        ----a-w-        c:\windows\system32\unrar.dll

2010-07-02 13:58 . 2010-07-02 13:58        --------        d-sh--w-        c:\dokumente und einstellungen\LocalService\IETldCache

2010-07-02 13:54 . 2010-07-02 13:54        --------        d-----w-        c:\dokumente und einstellungen\Weggemacht\Lokale Einstellungen\Anwendungsdaten\AOL

2010-07-01 14:37 . 2010-07-01 14:37        --------        d-----w-        c:\programme\GoldWave

2010-07-01 02:25 . 2010-07-01 02:25        --------        d-----w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\DVDVideoSoftIEHelpers

2010-06-28 18:35 . 2010-06-28 18:35        0        ----a-r-        C:\logwmemory.bin

2010-06-28 18:33 . 2010-06-28 18:33        --------        d-----w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Soldat

2010-06-28 16:52 . 2010-07-04 19:39        --------        d-----w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\vlc

2010-06-28 16:50 . 2010-06-28 16:50        --------        d-----w-        c:\programme\VideoLAN

2010-06-27 10:31 . 2010-07-04 19:00        --------        d-----w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\dvdcss

2010-06-17 08:03 . 2010-06-17 08:03        --------        d-sh--w-        c:\dokumente und einstellungen\NetworkService\IETldCache

2010-06-17 08:03 . 2010-06-17 08:03        --------        d-----w-        c:\dokumente und einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Apple

2010-06-08 15:36 . 2010-06-08 15:36        --------        d-sh--w-        c:\dokumente und einstellungen\WeggemachtM\IETldCache

2010-06-06 20:19 . 2010-06-06 20:19        --------        d-----w-        c:\programme\MSXML 4.0

2010-06-06 20:18 . 2010-06-06 20:18        --------        d-----w-        c:\windows\ie8updates

2010-06-06 20:07 . 2010-06-06 20:07        --------        d-----w-        c:\programme\Microsoft CAPICOM 2.1.0.2

2010-06-06 20:04 . 2010-02-12 10:03        293376        ------w-        c:\windows\system32\browserchoice.exe

2010-06-06 20:03 . 2010-02-24 12:31        454016        -c----w-        c:\windows\system32\dllcache\mrxsmb.sys

2010-06-06 20:03 . 2010-02-25 06:15        55296        -c----w-        c:\windows\system32\dllcache\msfeedsbs.dll

2010-06-06 20:03 . 2010-02-25 06:14        247808        -c----w-        c:\windows\system32\dllcache\ieproxy.dll

2010-06-06 20:03 . 2010-02-25 06:15        12800        -c----w-        c:\windows\system32\dllcache\xpshims.dll

2010-06-06 20:03 . 2010-02-25 06:15        1985536        -c----w-        c:\windows\system32\dllcache\iertutil.dll

2010-06-06 20:03 . 2010-02-25 06:15        594432        -c----w-        c:\windows\system32\dllcache\msfeeds.dll

2010-06-06 20:02 . 2009-12-31 16:14        352640        -c----w-        c:\windows\system32\dllcache\srv.sys

2010-06-06 20:01 . 2009-11-21 16:37        470528        -c----w-        c:\windows\system32\dllcache\aclayers.dll

2010-06-06 19:59 . 2009-06-21 22:05        153088        -c----w-        c:\windows\system32\dllcache\triedit.dll

2010-06-06 19:59 . 2009-06-05 07:42        655872        -c----w-        c:\windows\system32\dllcache\mstscax.dll

2010-06-06 19:57 . 2009-07-31 04:58        1172480        -c----w-        c:\windows\system32\dllcache\msxml3.dll

2010-06-06 19:57 . 2008-05-01 14:30        331776        -c----w-        c:\windows\system32\dllcache\msadce.dll

2010-06-06 19:57 . 2008-06-14 17:57        273024        -c----w-        c:\windows\system32\dllcache\bthport.sys

2010-06-06 17:53 . 2010-06-06 17:53        --------        d-sh--w-        c:\dokumente und einstellungen\Weggemacht\PrivacIE

2010-06-06 17:50 . 2010-06-06 17:50        --------        d-sh--w-        c:\dokumente und einstellungen\Weggemacht\IETldCache
 

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-07-06 12:32 . 2008-11-20 14:57        0        ----a-w-        c:\windows\system32\drivers\lvuvc.hs

2010-07-04 15:59 . 2008-07-19 20:47        --------        d-----w-        c:\programme\K-Lite Codec Pack

2010-07-04 15:28 . 2002-11-29 08:31        --------        d--h--w-        c:\programme\InstallShield Installation Information

2010-07-04 15:28 . 2006-04-25 19:30        --------        d-----w-        c:\programme\MainConcept

2010-07-03 21:37 . 2007-01-22 11:49        --------        d-----w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\ICQ

2010-07-02 13:58 . 2008-07-14 11:06        --------        d-----w-        c:\programme\ICQ6Toolbar

2010-07-02 13:55 . 2008-07-14 11:06        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\ICQ

2010-07-02 12:15 . 2006-11-24 11:15        --------        d---a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP

2010-06-14 10:08 . 2010-06-25 10:54        545280        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe

2010-06-14 10:08 . 2010-06-25 10:54        4687360        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\piclens@cooliris.com\libs\cooliris192.dll

2010-06-14 10:08 . 2010-06-25 10:54        425984        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe

2010-06-14 10:08 . 2010-06-25 10:54        152064        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll

2010-06-14 10:08 . 2010-06-25 10:54        103424        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\piclens@cooliris.com\libs\pixomatic.dll

2010-06-14 10:08 . 2010-06-25 10:54        57856        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\piclens@cooliris.com\components\coolirisstub.dll

2010-06-14 10:08 . 2010-06-25 10:54        4687872        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\extensions\piclens@cooliris.com\libs\cooliris190.dll

2010-06-13 19:56 . 2002-11-28 21:11        426778        ----a-w-        c:\windows\system32\perfh007.dat

2010-06-13 19:56 . 2002-11-28 21:11        79480        ----a-w-        c:\windows\system32\perfc007.dat

2010-06-06 22:28 . 2006-08-02 12:43        124664        ----a-w-        c:\windows\system32\GDIPFONTCACHEV1.DAT

2010-06-06 17:07 . 2005-01-20 14:32        --------        d-----w-        c:\programme\Java

2010-06-06 17:05 . 2002-11-29 10:51        --------        d-----w-        c:\programme\Gemeinsame Dateien\Adobe

2010-06-06 16:41 . 2006-07-06 13:27        --------        d-----w-        c:\programme\QuickTime

2010-06-06 16:29 . 2010-06-06 16:29        61440        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-3b46e34b-n\decora-sse.dll

2010-06-06 16:29 . 2010-06-06 16:29        503808        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6da3c8d5-n\msvcp71.dll

2010-06-06 16:29 . 2010-06-06 16:29        499712        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6da3c8d5-n\jmc.dll

2010-06-06 16:29 . 2010-06-06 16:29        348160        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6da3c8d5-n\msvcr71.dll

2010-06-06 16:29 . 2010-06-06 16:29        12800        ----a-w-        c:\dokumente und einstellungen\Weggemachtk\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-3b46e34b-n\decora-d3d.dll

2010-06-06 16:14 . 2005-01-20 14:31        --------        d-----w-        c:\programme\Gemeinsame Dateien\Java

2010-06-06 16:12 . 2010-06-06 16:14        921376        ----a-w-        c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Sun\Java\JRERunOnce.exe

2010-06-06 14:35 . 2010-06-06 11:38        --------        d-----w-        c:\programme\BearPaw 1200CU

2010-06-05 11:17 . 2010-06-05 11:17        --------        d-----w-        c:\dokumente und einstellungen\Weggemachtk\Anwendungsdaten\Malwarebytes

2010-06-05 11:16 . 2010-06-05 11:16        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes

2010-05-20 22:28 . 2010-05-20 22:28        --------        d-----w-        c:\programme\Seagate

2010-05-20 22:21 . 2004-12-05 19:49        --------        d-----w-        c:\programme\Gemeinsame Dateien\Wise Installation Wizard

2010-04-29 13:39 . 2010-06-05 11:16        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys

2010-04-29 13:39 . 2010-06-05 11:16        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys

2010-04-12 15:29 . 2010-06-06 16:28        411368        ----a-w-        c:\windows\system32\deployJava1.dll

.
 

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ezShieldProtector for Px"="c:\windows\System32\ezSP_Px.exe" [2002-08-20 40960]

"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632]

"AVG8_TRAY"="d:\progra~1\AVG\AVG8\avgtray.exe" [2010-03-20 2046816]

"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-12-09 225280]

"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]

"nwiz"="nwiz.exe" [2009-01-15 1657376]

"NvMediaCenter"="NvMCTray.dll" [2009-01-15 86016]

"DeathAdder"="d:\programme\Razer\DeathAdder\razerhid.exe" [2007-09-07 159744]

"iTunesHelper"="d:\programme\iTunes\iTunesHelper.exe" [2010-02-15 141608]

"Malwarebytes' Anti-Malware"="d:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]

"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-03-17 421888]

"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]

"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

"LTSMMSG"="LTSMMSG.exe" [2002-07-20 32768]
 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]
 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="c:\dokumente und einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"
 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-08-01 12:31        11952        ----a-w-        c:\windows\system32\avgrsstx.dll
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2005-10-28 14:25        94208        ----a-w-        c:\programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeathAdder]

2007-09-07 14:54        159744        ----a-w-        d:\programme\Razer\DeathAdder\razerhid.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]

2007-05-10 14:36        2111176        ----a-w-        c:\programme\Gadu-Gadu\gg.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Komunikator]

2006-10-11 09:48        1118720        ----a-w-        c:\programme\Tlen.pl\tlen.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]

2005-12-07 09:26        489472        ----a-w-        c:\programme\Logitech\Video\CameraAssistant.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]

2005-12-07 09:33        73728        ----a-w-        c:\programme\Logitech\Video\InstallHelper.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2004-08-03 23:58        1667584        ------w-        c:\programme\Messenger\msmsgs.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2001-07-09 08:50        155648        ----a-w-        c:\windows\system32\NeroCheck.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-03-17 19:53        421888        ----a-w-        c:\programme\QuickTime\QTTask.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

2010-05-22 21:46        1238352        ----a-w-        d:\spiele\Steam\Steam.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]

2006-10-13 16:04        707376        ----a-w-        c:\windows\vVX1000.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"ICQ Service"=2 (0x2)
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programme\\Gadu-Gadu\\gg.exe"=

"d:\\Spiele\\Steam\\Steam.exe"=

"c:\\Programme\\Java\\j2re1.4.2_03\\bin\\javaw.exe"=

"c:\\Programme\\Messenger\\msmsgs.exe"=

"c:\\Programme\\Tlen.pl\\tlen.exe"=

"c:\\Programme\\Mozilla Firefox\\firefox.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"d:\\Programme\\AVG\\AVG8\\avgupd.exe"=

"d:\\Programme\\AVG\\AVG8\\avgnsx.exe"=

"c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Programme\\Bonjour\\mDNSResponder.exe"=

"d:\\Programme\\iTunes\\iTunes.exe"=

"d:\\Programme\\Skype\\Phone\\Skype.exe"=

"d:\\Spiele\\Unreal Tournament\\System\\UnrealTournament.exe"=

"d:\\Spiele\\Steam\\SteamApps\\thegamer94853\\counter-strike\\hl.exe"=

"d:\\Programme\\ICQ7.2\\ICQ.exe"=

"d:\\Programme\\ICQ7.2\\aolload.exe"=
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1295:TCP"= 1295:TCP:kpouggn
 

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [08.08.2008 03:10 12552]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [08.08.2008 03:10 335240]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [08.08.2008 03:10 108552]

R2 avg8wd;AVG8 WatchDog;d:\progra~1\AVG\AVG8\avgwdsvc.exe [10.01.2009 04:18 297752]

R2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe [14.07.2008 13:06 246520]

R2 MBAMService;MBAMService;d:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [05.06.2010 13:16 304464]

R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [30.08.2006 11:35 2368]

R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [15.01.2008 22:01 22784]

R3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\ltsm.sys [31.07.2002 22:33 815819]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [05.06.2010 13:16 20952]

S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [22.08.2005 16:18 223232]

S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys --> c:\windows\system32\DRIVERS\ManyCam.sys [?]

S3 s3m;s3m;c:\windows\system32\drivers\s3m.sys [25.07.2007 21:09 166720]

S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys --> c:\windows\system32\drivers\ScreamingBAudio.sys [?]

S3 SPCP825K;USB to Serial port driver;c:\windows\system32\drivers\SPCP825K.sys [01.09.2006 17:29 31488]

S3 UDTT2BDA;Twinhan USB2 DVB-T receiver;c:\windows\system32\drivers\UDTT2BDA.sys [08.12.2005 21:09 36736]

S3 USBSHHS3;SHARP GSM GPRS USB Driver2 3.0.0;c:\windows\system32\DRIVERS\usbshhs3.sys --> c:\windows\system32\DRIVERS\usbshhs3.sys [?]

.

Inhalt des "geplante Tasks" Ordners
 

2010-06-17 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://start.icq.com/

mSearch Bar = 

uInternet Settings,ProxyServer = <local>

uInternet Settings,ProxyOverride = <local>;*.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: Nach Microsoft &Excel exportieren - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - d:\programme\ICQ7.2\ICQ.exe

Trusted Zone: sony-europe.com

Trusted Zone: sonystyle-europe.com

Trusted Zone: vaio-link.com

DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

FF - ProfilePath - c:\dokumente und einstellungen\Weggemacht\Anwendungsdaten\Mozilla\Firefox\Profiles\c9kgigm7.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.ebay.de/

FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q=

FF - plugin: c:\dokumente und einstellungen\Weggemacht\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: c:\programme\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: c:\programme\Mozilla Firefox\plugins\npmozax.dll

FF - plugin: c:\programme\Mozilla Firefox\plugins\npqtplugin8.dll

FF - plugin: c:\programme\Mozilla Firefox\plugins\npunagi2.dll

FF - plugin: d:\programme\DivX\DivX Web Player\npdivx32.dll

FF - plugin: d:\programme\iTunes\Mozilla Plugins\npitunes.dll
 

---- FIREFOX Richtlinien ----

c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -
 

HKCU-Run-MessengerDiscovery - c:\programme\MessengerDiscovery\MessengerDiscovery.exe

HKLM-Run-SunJavaUpdateSched - c:\programme\Java\jre6\bin\jusched.exe

MSConfigStartUp-!AVG Anti-Spyware - c:\programme\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

MSConfigStartUp-avast! - d:\progra~1\ALWILS~1\Avast4\ashDisp.exe

MSConfigStartUp-Camfrog - d:\programme\Camfrog\Camfrog Video Chat\CamfrogNet.exe

MSConfigStartUp-F-StopW - c:\programme\FSI\F-Prot\F-StopW.EXE

MSConfigStartUp-HostManager - c:\programme\Gemeinsame Dateien\AOL\1182351920\ee\AOLSoftware.exe

MSConfigStartUp-ICQ Lite - d:\spiele\ICQLite\ICQLite.exe

MSConfigStartUp-SpybotSD TeaTimer - d:\programme\Spybot - Search & Destroy2\TeaTimer.exe

MSConfigStartUp-SunJavaUpdateSched - c:\programme\Java\jre6\bin\jusched.exe

MSConfigStartUp-Veoh - d:\programme\Veoh\VeohClient.exe

MSConfigStartUp-WebcamMaxMoniter - d:\programme\WebcamMax\CAMTHINS.exe

AddRemove-HijackThis - c:\dokume~1\Weggemacht\LOKALE~1\Temp\Rar$EX01.625\HijackThis.exe

AddRemove-InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6} - c:\programme\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\setup.exe

AddRemove-MessengerDiscovery 1.3.1_is1 - c:\programme\MessengerDiscovery\unins000.exe
 
 
 

**************************************************************************
 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2010-07-06 19:37

Windows 5.1.2600 Service Pack 2 NTFS
 

Scanne versteckte Prozesse... 
 

Scanne versteckte Autostarteinträge... 
 

Scanne versteckte Dateien... 
 

Scan erfolgreich abgeschlossen

versteckte Dateien: 0
 

**************************************************************************
 

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]

"ImagePath"=""

.

--------------------- Gesperrte Registrierungsschluessel ---------------------
 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*]

"7040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

Zeit der Fertigstellung: 2010-07-06  19:45:10

ComboFix-quarantined-files.txt  2010-07-06 17:44
 

Vor Suchlauf: 2.191.343.616 Bytes frei

Nach Suchlauf: 7.135.244.288 Bytes frei
 

WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn /TUTag=TMRIV5 /Kernel=TUKernel.exe

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition (TuneUp Backup)" /fastdetect /NoExecute=OptIn /TUTag=TMRIV5-BAK
 

- - End Of File - - F14577FAC30C3FD443C52C78E8E2AAED