
Trash bin: PC is sending spam


 
23.12.2010, 14:23   #3
luki265
 



Hello!!
Thanks for the quick reply.

Malwarebytes:

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Datenbank Version: 5382

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

23.12.2010 13:21:26
mbam-log-2010-12-23 (13-21-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 384835
Laufzeit: 2 Stunde(n), 28 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 19
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 10

Infizierte Speicherprozesse:
c:\WINDOWS\nvsvc32.exe (Backdoor.Bot) -> 2068 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{88ABC5C0-4FCB-11BB-AAX5-81CX1C635612} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{88ABC5C0-4FCB-11BB-AAX5-81CX1C635612} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\4RBPZMXX4S (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XTTB00001.XTTB00001Toolbar (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NVIDIA driver monitor (Backdoor.Bot) -> Value: NVIDIA driver monitor -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NVIDIA driver monitor (Backdoor.Bot) -> Value: NVIDIA driver monitor -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\NVIDIA driver monitor (Malware.Trace) -> Value: NVIDIA driver monitor -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\RECYCLER\s-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\WINDOWS\nvsvc32.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\valiii\lokale einstellungen\temporary internet files\Content.IE5\JBD9YCRK\image96523489[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\valiii\lokale einstellungen\temporary internet files\Content.IE5\BUQCOHZ8\OTL[1].exe (Trojan.Dropper.PGen) -> Delete on reboot.
c:\dokumente und einstellungen\valiii\lokale einstellungen\temporary internet files\Content.IE5\IBYSH9AS\image96523489[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\WINDOWS\wibrf.jpg (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\wiybr.png (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
c:\programme\icqtoolbar\toolbaru.dll (Trojan.BHO) -> Quarantined and deleted successfully.

OTL:

1. OTL logfile:
OTL logfile created on: 23.12.2010 14:04:47 - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Dokumente und Einstellungen\valiii\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
894,00 Mb Total Physical Memory | 254,00 Mb Available Physical Memory | 28,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): C:\pagefile.sys 1341 1344 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 92,13 Gb Free Space | 61,82% Space Free | Partition Type: NTFS
 
Computer Name: COMPUTER | User Name: valiii | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\valiii\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Apple Software Update\SoftwareUpdate.exe (Apple Inc.)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
PRC - C:\Programme\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
PRC - C:\WINDOWS\system32\o2flash.exe ()
PRC - C:\Programme\PestPatrol\PPMemCheck.exe ()
PRC - C:\Programme\PestPatrol\CookiePatrol.exe ()
PRC - C:\Programme\Lexmark X1100 Series\lxbkbmon.exe (Lexmark International, Inc.)
PRC - C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\valiii\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (AntiVirScheduler) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (O2Flash) -- C:\WINDOWS\system32\o2flash.exe ()
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (w810obex) -- C:\WINDOWS\System32\DRIVERS\w810obex.sys File not found
DRV - (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\System32\DRIVERS\w810mgmt.sys File not found
DRV - (w810mdm) -- C:\WINDOWS\System32\DRIVERS\w810mdm.sys File not found
DRV - (w810mdfl) -- C:\WINDOWS\System32\DRIVERS\w810mdfl.sys File not found
DRV - (w810bus) Sony Ericsson W810 Driver driver (WDM) -- C:\WINDOWS\System32\DRIVERS\w810bus.sys File not found
DRV - (smserial) -- C:\WINDOWS\System32\DRIVERS\smserial.sys File not found
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS File not found
DRV - (mod7700) -- C:\WINDOWS\System32\DRIVERS\mod7700.sys File not found
DRV - (hwdatacard) -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys File not found
DRV - (Huawei) -- C:\WINDOWS\System32\DRIVERS\ewdcsc.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (RT61) -- C:\WINDOWS\system32\drivers\rt61.sys (Ralink Technology Inc.)
DRV - (O2MDRDR) -- C:\WINDOWS\system32\DRIVERS\o2media.sys (O2Micro )
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (O2SDRDR) -- C:\WINDOWS\system32\DRIVERS\o2sd.sys (O2Micro )
DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI)
DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI)
DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..network.proxy.ftp: ":"
FF - prefs.js..network.proxy.gopher: ":"
FF - prefs.js..network.proxy.http: ":"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: ":"
FF - prefs.js..network.proxy.ssl: ":"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.12.23 13:52:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.12.23 13:52:29 | 000,000,000 | ---D | M]
 
[2010.06.23 17:48:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\Mozilla\Extensions
[2010.12.21 22:34:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\Mozilla\Firefox\Profiles\eyg0ddz2.default\extensions
[2010.08.02 16:46:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\Mozilla\Firefox\Profiles\eyg0ddz2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.12.20 19:51:58 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\Mozilla\Firefox\Profiles\eyg0ddz2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.07.22 21:23:22 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\Mozilla\Firefox\Profiles\eyg0ddz2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.18 17:54:12 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.11.21 08:37:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.11.28 14:12:16 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.11.28 14:12:16 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.11.28 14:12:16 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.11.28 14:12:16 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.11.28 14:12:16 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AntivirusRegistration] C:\Programme\CA\Etrust Antivirus\Register.exe ()
O4 - HKLM..\Run: [ATICCC] C:\Programme\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CookiePatrol] C:\Programme\PestPatrol\CookiePatrol.exe ()
O4 - HKLM..\Run: [Lexmark X1100 Series] C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Nike+ Connect] C:\Programme\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
O4 - HKLM..\Run: [PestPatrolRegistration] C:\Programme\PestPatrol\Register.exe (SecureIT Solutions)
O4 - HKLM..\Run: [PPMemCheck] C:\Programme\PestPatrol\PPMemCheck.exe ()
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Ralink Wireless Utility.lnk = C:\Programme\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
O4 - Startup: C:\Dokumente und Einstellungen\valiii\Startmenü\Programme\Autostart\wkcalrem.LNK = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Programme\vShare\vshare_toolbar.dll ()
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\wineay32: DllName - wineay32.dll -  File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\valiii\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\valiii\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.05 05:31:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0bfe61f0-6d7a-11df-93ed-0013d37e4cef}\Shell - "" = AutoRun
O33 - MountPoints2\{0bfe61f0-6d7a-11df-93ed-0013d37e4cef}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0bfe61f0-6d7a-11df-93ed-0013d37e4cef}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{7c8671ab-6d8d-11df-93ef-0013d37e4cef}\Shell - "" = AutoRun
O33 - MountPoints2\{7c8671ab-6d8d-11df-93ef-0013d37e4cef}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7c8671ab-6d8d-11df-93ef-0013d37e4cef}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.23 14:05:16 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.12.23 14:03:32 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\valiii\Desktop\OTL.exe
[2010.12.23 14:02:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.12.23 14:00:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.12.23 13:51:49 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.12.23 10:48:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\Malwarebytes
[2010.12.23 10:48:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.23 10:48:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.12.23 10:48:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.23 10:48:17 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.23 10:46:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\anit Trojaner
[2010.12.22 21:18:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee Security Scan
[2010.12.22 21:18:15 | 000,000,000 | ---D | C] -- C:\Programme\McAfee Security Scan
[2010.12.20 20:24:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\FreeVideoConverter
[2010.12.20 20:24:05 | 000,000,000 | ---D | C] -- C:\Programme\Free Video Converter
[2010.12.20 20:15:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\AVS4YOU
[2010.12.20 20:13:08 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\AVSMedia
[2010.12.20 20:12:49 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\GdiPlus.dll
[2010.12.20 20:12:49 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010.12.20 20:12:49 | 000,000,000 | ---D | C] -- C:\Programme\AVS4YOU
[2010.12.20 20:12:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVS4YOU
[2010.12.20 19:53:00 | 005,003,908 | ---- | C] (ManiacTools.com                                             ) -- C:\Dokumente und Einstellungen\valiii\Desktop\m4a-to-mp3-converter_6.1.exe
[2010.12.17 16:30:14 | 000,000,000 | -HSD | C] -- C:\found.000
[2010.12.16 14:45:49 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010.12.15 17:34:53 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010.12.12 19:14:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fighters
[2010.12.12 19:09:39 | 012,700,376 | ---- | C] (DVDVideoSoft Limited.                                       ) -- C:\Dokumente und Einstellungen\valiii\Desktop\FreeYouTubeDownload_210.exe
[2010.12.12 17:14:53 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2010.12.12 17:14:35 | 006,274,424 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\Silverlight.exe
[2010.12.05 13:54:34 | 000,000,000 | ---D | C] -- C:\Programme\DAEMON Tools Lite
[2010.12.05 13:53:01 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Dokumente und Einstellungen\valiii\Desktop\DTLite4356-0091.exe
[2010.12.03 13:24:36 | 000,000,000 | ---D | C] -- C:\Programme\WinZip
[2010.12.03 13:11:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.12.03 13:09:00 | 000,000,000 | ---D | C] -- C:\Programme\Landwirtschafts Simulator 2011
[2010.12.02 21:08:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\DAEMON Tools Lite
[2010.12.02 21:08:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010.12.02 21:08:00 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\DTLite4356-0091.exe
[2010.12.02 21:03:43 | 001,046,720 | ---- | C] (Driver Mender                                                ) -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\DriverMender.exe
[2010.11.29 17:38:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010.11.29 17:38:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010.11.23 17:10:02 | 000,000,000 | ---D | C] -- C:\Games
[2010.11.23 16:19:51 | 063,735,312 | ---- | C] (Greentube GmbH) -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\AT-SkiChallenge11.exe
[6 C:\Dokumente und Einstellungen\valiii\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\valiii\Eigene Dateien\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.23 14:14:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AF64CB1C-0317-4431-88A5-B5C3CC012B05}.job
[2010.12.23 14:08:00 | 000,001,522 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2010.12.23 14:03:34 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\valiii\Desktop\OTL.exe
[2010.12.23 13:54:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.23 13:54:01 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.23 13:52:17 | 000,001,584 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2010.12.23 13:45:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.12.23 13:23:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.23 13:23:30 | 937,603,072 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.22 21:18:17 | 000,001,575 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk
[2010.12.22 21:18:16 | 000,001,583 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\McAfee Security Scan Plus.lnk
[2010.12.22 20:16:45 | 000,005,392 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\wklnhst.dat
[2010.12.22 18:11:29 | 001,517,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.21 17:00:24 | 000,002,323 | ---- | M] () -- C:\WINDOWS\ndl.dl
[2010.12.21 16:58:24 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.20 22:29:29 | 000,054,272 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.20 22:25:35 | 000,051,712 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\Biegen_Handout.doc
[2010.12.20 22:25:16 | 000,022,528 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\Biegen_Referat.doc
[2010.12.20 22:09:29 | 001,380,864 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\BIEGEN.ppt
[2010.12.20 20:24:08 | 000,000,788 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Desktop\Free Video Converter.lnk
[2010.12.20 19:53:28 | 005,003,908 | ---- | M] (ManiacTools.com                                             ) -- C:\Dokumente und Einstellungen\valiii\Desktop\m4a-to-mp3-converter_6.1.exe
[2010.12.20 19:16:15 | 000,029,040 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\Blechbiegen03-praegebiegen.jpg
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.16 18:07:46 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.12.14 21:29:09 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.12.12 20:23:59 | 000,065,024 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\Biegen Referat.doc
[2010.12.12 19:12:26 | 000,000,906 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Desktop\DVDVideoSoft Free Studio.lnk
[2010.12.12 19:11:44 | 012,700,376 | ---- | M] (DVDVideoSoft Limited.                                       ) -- C:\Dokumente und Einstellungen\valiii\Desktop\FreeYouTubeDownload_210.exe
[2010.12.12 19:08:47 | 000,293,184 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\SoftonicDownloader_fuer_free-youtube-download.exe
[2010.12.12 18:39:58 | 000,000,162 | -H-- | M] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\~$egen Referat.doc
[2010.12.12 18:15:49 | 000,026,624 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\English 3 BHMIM 1. SA  Texte.doc
[2010.12.12 17:18:07 | 000,000,162 | -H-- | M] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\~$glish 3 BHMIM 1. SA  Texte.doc
[2010.12.12 17:14:35 | 006,274,424 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\Silverlight.exe
[2010.12.05 15:53:42 | 000,000,930 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Desktop\Landwirtschafts Simulator 2011 .lnk
[2010.12.05 13:53:01 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Dokumente und Einstellungen\valiii\Desktop\DTLite4356-0091.exe
[2010.12.03 13:58:47 | 000,001,694 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WinZip.lnk
[2010.12.03 13:22:16 | 010,741,064 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\wz145gev.exe
[2010.12.02 21:09:08 | 000,691,696 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.12.02 21:08:00 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\DTLite4356-0091.exe
[2010.12.02 21:06:24 | 001,046,720 | ---- | M] (Driver Mender                                                ) -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\DriverMender.exe
[2010.11.29 17:38:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010.11.29 17:38:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010.11.23 17:11:06 | 000,001,558 | ---- | M] () -- C:\Dokumente und Einstellungen\valiii\Desktop\Ski Challenge 11 (AT) starten.lnk
[2010.11.23 17:09:24 | 063,735,312 | ---- | M] (Greentube GmbH) -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\AT-SkiChallenge11.exe
[6 C:\Dokumente und Einstellungen\valiii\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\valiii\Eigene Dateien\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.12.23 14:08:00 | 000,001,522 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2010.12.23 13:52:17 | 000,001,584 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2010.12.22 21:18:17 | 000,001,575 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk
[2010.12.22 21:18:16 | 000,001,583 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\McAfee Security Scan Plus.lnk
[2010.12.21 17:00:24 | 000,002,323 | ---- | C] () -- C:\WINDOWS\ndl.dl
[2010.12.20 22:25:35 | 000,051,712 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\Biegen_Handout.doc
[2010.12.20 22:06:35 | 000,022,528 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\Biegen_Referat.doc
[2010.12.20 20:59:02 | 001,380,864 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\BIEGEN.ppt
[2010.12.20 20:24:08 | 000,000,788 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Desktop\Free Video Converter.lnk
[2010.12.20 19:16:15 | 000,029,040 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\Blechbiegen03-praegebiegen.jpg
[2010.12.12 19:08:43 | 000,293,184 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\SoftonicDownloader_fuer_free-youtube-download.exe
[2010.12.12 18:39:58 | 000,000,162 | -H-- | C] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\~$egen Referat.doc
[2010.12.12 18:39:57 | 000,065,024 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\Biegen Referat.doc
[2010.12.12 17:18:07 | 000,000,162 | -H-- | C] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\~$glish 3 BHMIM 1. SA  Texte.doc
[2010.12.12 17:07:02 | 000,026,624 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\English 3 BHMIM 1. SA  Texte.doc
[2010.12.05 15:53:42 | 000,000,930 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Desktop\Landwirtschafts Simulator 2011 .lnk
[2010.12.03 13:58:47 | 000,001,694 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WinZip.lnk
[2010.12.03 13:22:15 | 010,741,064 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\wz145gev.exe
[2010.12.03 13:20:13 | 000,082,235 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Desktop\LS 11 keygen.rar
[2010.12.03 13:03:07 | 864,083,968 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Desktop\Landwirtschafts.iso
[2010.12.03 13:03:05 | 000,082,235 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Eigene Dateien\LS 11 keygen.rar
[2010.12.02 21:09:06 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.11.23 17:11:06 | 000,001,558 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Desktop\Ski Challenge 11 (AT) starten.lnk
[2010.06.01 15:01:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.07.04 13:48:32 | 000,000,398 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2007.06.18 16:58:24 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.05.04 15:06:05 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.01.10 18:19:58 | 000,000,253 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2007.01.10 18:19:36 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2007.01.10 18:19:33 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2007.01.10 18:18:58 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2007.01.02 17:03:45 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006.12.29 13:32:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhotoNow.INI
[2006.12.24 17:44:34 | 000,005,392 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Anwendungsdaten\wklnhst.dat
[2006.12.24 17:44:33 | 000,054,272 | ---- | C] () -- C:\Dokumente und Einstellungen\valiii\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.09.05 08:46:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.09.05 07:44:13 | 000,001,728 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006.09.05 06:20:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.09.05 05:55:10 | 000,290,897 | ---- | C] () -- C:\WINDOWS\System32\Install6x.dll
[2006.09.05 05:52:31 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56spn.dll
[2006.09.05 05:52:31 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56itl.dll
[2006.09.05 05:52:31 | 000,061,440 | R--- | C] () -- C:\WINDOWS\sm56ger.dll
[2006.09.05 05:52:31 | 000,061,440 | R--- | C] () -- C:\WINDOWS\sm56fra.dll
[2006.09.05 05:52:31 | 000,053,248 | R--- | C] () -- C:\WINDOWS\sm56jpn.dll
[2006.09.05 05:52:30 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56eng.dll
[2006.09.05 05:52:30 | 000,069,632 | R--- | C] () -- C:\WINDOWS\sm56brz.dll
[2006.09.05 05:52:30 | 000,049,152 | R--- | C] () -- C:\WINDOWS\sm56cht.dll
[2006.09.05 05:52:30 | 000,049,152 | R--- | C] () -- C:\WINDOWS\sm56chs.dll
[2005.01.21 05:02:28 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.10.06 19:42:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002.10.05 00:04:26 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002.10.05 00:04:26 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 00:04:18 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll

< End of report >
         
--- --- ---


2. Logfile:
OTL Logfile:
Code:
OTL Extras logfile created on: 23.12.2010 14:04:47 - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Dokumente und Einstellungen\valiii\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
894,00 Mb Total Physical Memory | 254,00 Mb Available Physical Memory | 28,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): C:\pagefile.sys 1341 1344 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 92,13 Gb Free Space | 61,82% Space Free | Partition Type: NTFS
 
Computer Name: COMPUTER | User Name: valiii | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Dokumente und Einstellungen\valiii\Desktop\blobby\volley.exe" = C:\Dokumente und Einstellungen\valiii\Desktop\blobby\volley.exe:*:Disabled:volley -- ()
"C:\Dokumente und Einstellungen\valiii\Desktop\Stronghold Crusader\Stronghold Crusader.exe" = C:\Dokumente und Einstellungen\valiii\Desktop\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader -- ()
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\Programme\ProENGINEER Schools Edition\i486_nt\nms\nmsd.exe" = C:\Programme\ProENGINEER Schools Edition\i486_nt\nms\nmsd.exe:*:Enabled:Pro/ENGINEER Wildfire from PTC -- (PTC)
"C:\Programme\ProENGINEER Schools Edition\i486_nt\obj\pro_comm_msg.exe" = C:\Programme\ProENGINEER Schools Edition\i486_nt\obj\pro_comm_msg.exe:*:Enabled:Pro/ENGINEER Wildfire from PTC -- (PTC)
"C:\Programme\ProENGINEER Schools Edition\i486_nt\obj\xtop.exe" = C:\Programme\ProENGINEER Schools Edition\i486_nt\obj\xtop.exe:*:Enabled:Pro/ENGINEER Wildfire from PTC -- (PTC)
"C:\Programme\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe" = C:\Programme\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Landwirtschafts Simulator 2011 -- (GIANTS Software GmbH)
"C:\Programme\Landwirtschafts Simulator 2011\game.exe" = C:\Programme\Landwirtschafts Simulator 2011\game.exe:*:Enabled:Landwirtschafts Simulator 2011 -- (GIANTS Software GmbH)
"C:\Dokumente und Einstellungen\valiii\Lokale Einstellungen\Temporary Internet Files\Content.IE5\IBYSH9AS\image96523489[1].exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- File not found
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{17811AE7-6445-4A38-9792-60B227C9F48D}" = PestPatrol Registration
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6BFF4534-7608-41F0-85F7-31A0569D8960}" = eTrust Registration
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{874F0C23-7CA8-4639-9D77-E032E272A3FD}" = Emergency 2
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91CA8C77-30FC-4AAF-B2EE-F51B0746D95C}" = ATI Catalyst Control Center
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A70700000002}" = Adobe Reader 7.0.7 - Deutsch
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EB1B0104-6A57-446F-B855-FDF49151BE0C}" = O2Micro Flash Memory Card Windows Driver V2.04
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink Wireless LAN Card
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DivX Total Pack" = DivX Total Pack
"DIVXAudio" = DivX ;-) Audio
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Video Converter_is1" = Free Video Converter V 2.9
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"InstallShield_{EB1B0104-6A57-446F-B855-FDF49151BE0C}" = O2Micro Flash Memory Card Windows Driver V2.04
"Lexmark X1100 Series" = Lexmark X1100 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nike+ Connect" = Nike+ Connect
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"SMSERIAL" = Motorola SM56 Data Fax Modem
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VideoLAN VLC media player 0.8.6a
"vShare" = vShare Plugin
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"sc11-AT_ORF_MAIN" = Ski Challenge 11 (AT)
"UnityWebPlayer" = Unity Web Player
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 18.12.2010 08:01:57 | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung avcenter.exe, Version 8.0.70.8, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 18.12.2010 12:28:44 | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3951, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 18.12.2010 12:28:45 | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3951, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 19.12.2010 09:39:54 | Computer Name = COMPUTER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung game.exe, Version 4.1.6.1, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 21.12.2010 15:32:57 | Computer Name = COMPUTER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung nvsvc32.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul wininet.dll, Version 8.0.6001.18992, Fehleradresse 0x00053e30.
 
Error - 22.12.2010 01:22:45 | Computer Name = COMPUTER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 22.12.2010 01:22:45 | Computer Name = COMPUTER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15703
 
Error - 22.12.2010 01:22:45 | Computer Name = COMPUTER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15703
 
Error - 23.12.2010 05:39:59 | Computer Name = COMPUTER | Source = JavaQuickStarterService | ID = 1
Description = 
 
Error - 23.12.2010 05:44:51 | Computer Name = COMPUTER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung cli.exe, Version 1.11.0.0, fehlgeschlagenes
 Modul kernel32.dll, Version 5.1.2600.5781, Fehleradresse 0x00012afb.
 
[ System Events ]
Error - 21.12.2010 17:34:16 | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 21.12.2010 17:34:16 | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 21.12.2010 17:34:16 | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 21.12.2010 17:34:16 | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 21.12.2010 17:34:16 | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
   %%126
 
Error - 22.12.2010 13:11:24 | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
Description = Der Dienst "SSHNAS" wurde mit folgendem Fehler beendet:   %%126
 
Error - 22.12.2010 16:08:24 | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
Description = Der Dienst "SSHNAS" wurde mit folgendem Fehler beendet:   %%126
 
Error - 23.12.2010 05:38:11 | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7023
Description = Der Dienst "SSHNAS" wurde mit folgendem Fehler beendet:   %%126
 
Error - 23.12.2010 05:40:46 | Computer Name = COMPUTER | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Java Quick Starter" wurde mit folgendem dienstspezifischem
 Fehler beendet: 1 (0x1).
 
Error - 23.12.2010 05:41:28 | Computer Name = COMPUTER | Source = DCOM | ID = 10010
Description = Der Server "{FBA44040-BD27-4A09-ACC8-C08B7C723DCD}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
[ TuneUp Events ]
Error - 29.07.2010 13:06:48 | Computer Name = COMPUTER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 29.07.2010 13:06:49 | Computer Name = COMPUTER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 03.08.2010 10:08:09 | Computer Name = COMPUTER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 05.08.2010 06:04:23 | Computer Name = COMPUTER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 13.08.2010 18:19:59 | Computer Name = COMPUTER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 14.08.2010 01:51:09 | Computer Name = COMPUTER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 14.08.2010 01:51:13 | Computer Name = COMPUTER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 26.09.2010 04:47:51 | Computer Name = COMPUTER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 26.09.2010 06:55:21 | Computer Name = COMPUTER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 26.09.2010 06:57:25 | Computer Name = COMPUTER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
 
< End of report >
         
--- --- ---





Best regards, Lukas