Verwandlung von Bildern in exe-Dateien?

Thommy90 · 25.12.2010, 00:24

Hallo ,

ich hatte meine Digitalkamera und eine SD-Karte in einem Urlaub in Afrika dabei, war auch währendessen in einigen Internetcafés, was wahrscheinlich der Fehler war...

Nun kann ich mir die Bilder auf der Kamera anschauen, allerdings erkennt mein Rechner nur 4 exe-Dateien names "BATO.exe", "DCIM.exe", "Lost Files and Folders.exe", "MISC.exe" und eine Datei mit dem Namen "autorun.inf". Vielleicht kann mir ja jemand helfen oder hat eine Idee? Danke schon einmal im vorraus.

Grüße Thommy90

cosinus · 25.12.2010, 01:58

Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. (SD-Karte der Kamera mit überprüfen lassen)
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

Thommy90 · 25.12.2010, 13:24

Hi, danke schon mal für die Hilfe, als erstes Malware:

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Datenbank Version: 5391

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

25.12.2010 13:12:21
mbam-log-2010-12-25 (13-12-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (I:\|)
Durchsuchte Objekte: 144446
Laufzeit: 1 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Dann Oldtimer:
1.OTL.exe:OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 25.12.2010 13:17:51 - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Dokumente und Einstellungen\Thomas\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 1,82 Gb Free Space | 9,30% Space Free | Partition Type: NTFS
Drive D: | 136,71 Gb Total Space | 77,30 Gb Free Space | 56,54% Space Free | Partition Type: NTFS
Drive E: | 141,83 Gb Total Space | 66,62 Gb Free Space | 46,97% Space Free | Partition Type: NTFS
Drive F: | 2,51 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 673,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 3,73 Gb Total Space | 0,95 Gb Free Space | 25,33% Space Free | Partition Type: FAT32
 
Computer Name: MAXIMATOR | User Name: Thomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.12.25 11:18:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Thomas\Desktop\OTL.exe
PRC - [2010.12.10 11:02:08 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\plugin-container.exe
PRC - [2010.12.10 11:02:05 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.12.09 22:11:57 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.16 20:43:19 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.16 20:43:17 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.21 19:37:40 | 000,932,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.08.30 17:17:48 | 000,126,976 | ---- | M] () -- C:\WINXP\system32\UAService.exe
PRC - [2009.08.20 20:08:24 | 002,000,120 | ---- | M] (Veoh Networks) -- C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2009.08.05 11:17:12 | 000,204,800 | ---- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Pro\DTProShellHlp.exe
PRC - [2009.06.25 14:12:42 | 001,414,144 | ---- | M] (Nokia) -- C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.06.02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.06.01 13:43:04 | 000,155,136 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclBCBTSrv.exe
PRC - [2009.05.28 12:45:00 | 000,132,096 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.03.31 19:13:17 | 000,212,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp\RtkBtMnt.exe
PRC - [2009.03.30 09:11:14 | 000,120,320 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.04.30 18:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.04.30 18:27:12 | 001,347,584 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2008.04.30 18:20:38 | 000,901,120 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\S24EvMon.exe
PRC - [2008.04.30 18:11:20 | 001,191,936 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2008.04.30 18:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINXP\explorer.exe
PRC - [2008.04.03 13:21:10 | 000,070,976 | ---- | M] (Broadcom Corp.) -- C:\Programme\Broadcom\BACS\BPowMon.exe
PRC - [2007.04.01 05:32:38 | 000,568,176 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.02.12 13:13:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Programme\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2005.11.08 23:00:38 | 000,128,920 | ---- | M] (DT Soft Ltd.) -- C:\Programme\DAEMON Tools\daemon.exe
PRC - [2005.03.08 12:46:00 | 000,651,264 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2005.03.04 13:41:06 | 000,913,408 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2005.03.04 11:50:00 | 000,118,784 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.12.25 11:18:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Thomas\Desktop\OTL.exe
MOD - [2010.08.23 17:11:46 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINXP\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2007.04.01 18:30:48 | 000,086,016 | ---- | M] (Broadcom Corporation.) -- C:\WINXP\system32\BtMmHook.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\DOKUME~1\Thomas\LOKALE~1\Temp\AVSETUP_49d2615b\basic\avupgsvc.exe -- (AntiVirUpgradeService)
SRV - [2010.12.09 22:11:57 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.16 20:43:19 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.08.30 17:17:48 | 000,126,976 | ---- | M] () [Auto | Running] -- C:\WINXP\system32\UAService.exe -- (UserAccess)
SRV - [2009.06.02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.04.30 18:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.04.30 18:20:38 | 000,901,120 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2008.04.30 18:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.04.03 13:21:10 | 000,070,976 | ---- | M] (Broadcom Corp.) [Auto | Running] -- C:\Programme\Broadcom\BACS\BPowMon.exe -- (BPowMon)
SRV - [2007.02.12 13:13:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Programme\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2005.03.04 11:50:00 | 000,118,784 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (AVM IGD CTRL Service)
SRV - [2005.03.04 11:42:08 | 000,315,392 | ---- | M] (AVM Berlin) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe -- (de_serv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINXP\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINXP\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2010.12.21 10:27:00 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINXP\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.28 14:19:36 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINXP\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.08.29 14:58:52 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINXP\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2009.08.28 13:37:19 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\WINXP\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINXP\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.31 15:21:36 | 000,317,976 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINXP\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2009.02.13 08:05:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.02.09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.02.09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.02.09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.12.31 13:59:00 | 003,453,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.10.31 13:52:00 | 000,093,184 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.06.12 06:00:12 | 000,043,608 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2008.05.20 14:23:00 | 004,800,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.05.13 09:19:12 | 000,051,288 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008.04.28 05:14:54 | 003,626,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008.04.14 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2008.04.03 13:21:06 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Programme\Broadcom\BACS\BASFND.sys -- (BASFND)
DRV - [2008.03.20 11:32:24 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINXP\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008.03.19 10:56:24 | 000,175,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.03.31 09:32:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.03.31 09:32:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007.03.23 07:20:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.03.23 07:20:24 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.03.23 07:20:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.03.23 07:19:54 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2005.03.03 18:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINXP\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 16:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINXP\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 11:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINXP\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.spiegel.de"
FF - prefs.js..extensions.enabledItems: max@subfighter.com:1.0.3
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2
FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.07.18 12:17:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.12.13 16:48:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.12.24 23:57:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.12.17 15:13:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2010.10.02 11:33:21 | 000,000,000 | ---D | M]
 
[2010.08.31 20:48:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Extensions
[2010.08.31 20:48:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.12.25 12:19:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions
[2010.01.05 08:57:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.29 09:46:44 | 000,000,000 | ---D | M] (Stylish) -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.08.14 20:09:22 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.12.22 19:37:26 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.12.22 19:37:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\engine@conduit.com
[2010.12.24 23:57:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\gutscheinmieze@synatix-gmbh.de
[2009.12.04 20:19:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\max@subfighter.com
[2009.08.30 21:29:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\searchrecs@veoh.com
[2010.12.25 12:19:43 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.03.19 09:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Programme\Mozilla Firefox\plugins\npmieze.dll
[2010.10.26 21:01:09 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.26 21:01:10 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.24 23:57:05 | 000,000,143 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\foxsearch.src
[2010.10.26 21:01:10 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.26 21:01:10 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.26 21:01:10 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,820 | ---- | M]) - C:\WINXP\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINXP\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DAEMON Tools] C:\Programme\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VVSN] C:\Programme\VVSN\VVSN.exe File not found
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Programme\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ6.5\ICQ.exe File not found
O4 - HKCU..\Run: [PC Suite Tray] C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [VeohPlugin] C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin)
O4 - Startup: C:\Dokumente und Einstellungen\Thomas\Startmenü\Programme\Autostart\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\FRITZ!DSL\SARAH.DLL (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINXP\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINXP\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.31 16:06:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O32 - AutoRun File - [2005.11.04 07:24:50 | 000,000,000 | R--D | M] - G:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2005.11.04 06:52:23 | 000,729,088 | R--- | M] (Electronic Arts Inc.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2005.10.14 09:02:16 | 000,585,728 | R--- | M] (Electronic Arts Inc.) - G:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2005.11.04 07:22:30 | 000,000,160 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk I:\
O33 - MountPoints2\{197e219e-94a4-11de-8348-00215d80b9ec}\Shell - "" = AutoRun
O33 - MountPoints2\{197e219e-94a4-11de-8348-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{197e219e-94a4-11de-8348-00215d80b9ec}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2005.11.04 06:52:23 | 000,729,088 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\AutoRun\command - "" = I:\tezge\gazda.exe -- File not found
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\explore\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\open\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\AutoRun\command - "" = nemoj\\meni.exe
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\explore\command - "" = nemoj\\\meni.exe
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\open\command - "" = nemoj\\\meni.exe
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\AutoRun\command - "" = I:\tezge\gazda.exe -- File not found
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\explore\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\open\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{c6853252-93c2-11de-8344-00215d80b9ec}\Shell - "" = AutoRun
O33 - MountPoints2\{c6853252-93c2-11de-8344-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c6853252-93c2-11de-8344-00215d80b9ec}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2005.11.04 06:52:23 | 000,729,088 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{e6227b7e-b77d-11df-b5fd-00215d80b9ec}\Shell - "" = AutoRun
O33 - MountPoints2\{e6227b7e-b77d-11df-b5fd-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e6227b7e-b77d-11df-b5fd-00215d80b9ec}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.25 11:18:22 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Thomas\Desktop\OTL.exe
[2010.12.25 11:16:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Malwarebytes
[2010.12.25 11:16:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbamswissarmy.sys
[2010.12.25 11:16:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.12.25 11:16:04 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys
[2010.12.24 23:56:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Gutscheinmieze
[2010.12.22 19:37:32 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[2010.12.22 19:37:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\Conduit
[2010.12.22 19:37:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\softonic-de3
[2010.12.22 19:37:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\ConduitEngine
[2010.12.22 19:37:29 | 000,000,000 | ---D | C] -- C:\Programme\ConduitEngine
[2010.12.22 19:37:27 | 000,000,000 | ---D | C] -- C:\Programme\softonic-de3
[2010.12.22 18:57:43 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2010.12.22 18:57:42 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2010.12.11 17:40:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Desktop\Best of iDEAS
[2010.12.05 22:13:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Skype
[2010.12.05 14:17:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2010.11.28 14:35:50 | 000,000,000 | ---D | C] -- C:\WINXP\System32\NtmsData
[2010.11.28 14:19:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Avira
[3 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]
[3 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.25 13:08:27 | 000,000,256 | ---- | M] () -- C:\WINXP\tasks\WGASetup.job
[2010.12.25 13:06:29 | 000,001,084 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.25 13:06:05 | 000,002,048 | --S- | M] () -- C:\WINXP\bootstat.dat
[2010.12.25 11:59:19 | 000,001,212 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-115176313-1644491937-1003UA.job
[2010.12.25 11:47:17 | 000,001,088 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.25 11:18:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Thomas\Desktop\OTL.exe
[2010.12.25 11:16:11 | 000,000,630 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.25 00:16:19 | 000,116,633 | ---- | M] () -- C:\wubildr
[2010.12.25 00:16:19 | 000,008,192 | ---- | M] () -- C:\wubildr.mbr
[2010.12.25 00:16:19 | 000,000,246 | RHS- | M] () -- C:\boot.ini
[2010.12.24 23:57:40 | 000,000,609 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\IsoBuster.lnk
[2010.12.24 16:58:42 | 000,077,285 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\hmm, crap.JPG
[2010.12.24 13:59:00 | 000,001,160 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-115176313-1644491937-1003Core.job
[2010.12.24 11:58:21 | 000,002,206 | ---- | M] () -- C:\WINXP\System32\wpa.dbl
[2010.12.23 12:34:15 | 000,002,239 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.12.22 19:37:36 | 000,000,533 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\Teamspeak 2 RC2.lnk
[2010.12.22 19:24:20 | 000,000,677 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk
[2010.12.21 21:58:26 | 000,096,897 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\diesel .jpg
[2010.12.21 10:27:00 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINXP\System32\drivers\avipbb.sys
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys
[2010.12.19 01:09:46 | 000,002,373 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\Google Chrome.lnk
[2010.12.17 15:05:46 | 000,113,376 | ---- | M] () -- C:\WINXP\System32\FNTCACHE.DAT
[2010.12.17 07:12:26 | 000,001,393 | ---- | M] () -- C:\WINXP\imsins.BAK
[2010.12.05 15:18:25 | 000,249,856 | ---- | M] (TODO: <Company name>) -- C:\WINXP\System32\pdfmona.dll
[2010.12.05 15:18:25 | 000,051,716 | ---- | M] () -- C:\WINXP\System32\pdf995mon.dll
[2010.12.05 15:18:25 | 000,000,025 | ---- | M] () -- C:\WINXP\wpd99.drv
[2010.11.29 21:46:01 | 000,003,444 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\Moduleinteilung Englisch Winter 10_11 KCC.zip
[2010.11.28 14:19:36 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINXP\System32\drivers\avgntflt.sys
[2010.11.27 18:47:29 | 000,187,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[3 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]
[3 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.12.25 11:16:11 | 000,000,630 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.25 00:16:19 | 000,116,633 | ---- | C] () -- C:\wubildr
[2010.12.25 00:16:19 | 000,008,192 | ---- | C] () -- C:\wubildr.mbr
[2010.12.25 00:05:04 | 000,000,721 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\.usbcreator.log
[2010.12.24 23:57:40 | 000,000,609 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\IsoBuster.lnk
[2010.12.24 16:58:42 | 000,077,285 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\hmm, crap.JPG
[2010.12.22 19:24:20 | 000,000,677 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk
[2010.12.22 18:57:43 | 000,002,239 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.12.21 21:58:14 | 000,096,897 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\diesel .jpg
[2010.11.29 21:46:00 | 000,003,444 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\Moduleinteilung Englisch Winter 10_11 KCC.zip
[2010.10.31 21:28:38 | 000,021,840 | ---- | C] () -- C:\WINXP\System32\SIntfNT.dll
[2010.10.31 21:28:38 | 000,017,212 | ---- | C] () -- C:\WINXP\System32\SIntf32.dll
[2010.10.31 21:28:38 | 000,012,067 | ---- | C] () -- C:\WINXP\System32\SIntf16.dll
[2010.10.31 21:27:58 | 000,000,202 | ---- | C] () -- C:\WINXP\SIERRA.INI
[2010.02.17 13:29:35 | 000,116,224 | ---- | C] () -- C:\WINXP\System32\pdfcmnnt.dll
[2010.02.17 13:16:39 | 000,000,025 | ---- | C] () -- C:\WINXP\wpd99.drv
[2010.02.17 13:16:38 | 000,051,716 | ---- | C] () -- C:\WINXP\System32\pdf995mon.dll
[2010.01.25 17:15:26 | 000,000,052 | ---- | C] () -- C:\WINXP\BRPP2KA.INI
[2009.10.19 18:39:09 | 000,000,080 | ---- | C] () -- C:\WINXP\brmx2001.ini
[2009.10.19 18:39:08 | 000,000,464 | ---- | C] () -- C:\WINXP\brwmark.ini
[2009.10.19 18:39:08 | 000,000,040 | ---- | C] () -- C:\WINXP\opt_1230.ini
[2009.08.29 14:58:52 | 000,223,128 | ---- | C] () -- C:\WINXP\System32\drivers\dtscsi.sys
[2009.08.28 10:47:53 | 000,722,416 | ---- | C] () -- C:\WINXP\System32\drivers\sptd.sys
[2009.08.07 18:51:34 | 000,178,430 | ---- | C] () -- C:\WINXP\System32\xlive.dll.cat
[2009.05.25 19:05:01 | 000,000,394 | ---- | C] () -- C:\WINXP\ODBC.INI
[2009.04.05 11:10:51 | 000,187,392 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.31 17:01:36 | 000,004,073 | ---- | C] () -- C:\WINXP\ODBCINST.INI
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINXP\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelFrench.dll
[2007.04.01 05:30:28 | 002,842,624 | ---- | C] () -- C:\WINXP\System32\btwicons.dll
[2007.04.01 05:11:52 | 000,090,112 | ---- | C] () -- C:\WINXP\System32\btprn2k.dll
[2001.11.14 10:26:00 | 001,802,240 | ---- | C] () -- C:\WINXP\System32\lcppn21.dll
[1999.04.29 21:00:00 | 000,065,536 | ---- | C] () -- C:\WINXP\System32\MSRTEDIT.DLL

< End of report >

--- --- ---
Nun Extras.txt:OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 25.12.2010 13:17:51 - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Dokumente und Einstellungen\Thomas\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 1,82 Gb Free Space | 9,30% Space Free | Partition Type: NTFS
Drive D: | 136,71 Gb Total Space | 77,30 Gb Free Space | 56,54% Space Free | Partition Type: NTFS
Drive E: | 141,83 Gb Total Space | 66,62 Gb Free Space | 46,97% Space Free | Partition Type: NTFS
Drive F: | 2,51 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 673,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 3,73 Gb Total Space | 0,95 Gb Free Space | 25,33% Space Free | Partition Type: FAT32
 
Computer Name: MAXIMATOR | User Name: Thomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!Box Firmware-Update -- (AVM Berlin)
"D:\Wow\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe" = D:\Wow\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Wow\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe" = D:\Wow\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Wow\Launcher.exe" = D:\Wow\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found
"C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player  -- (Veoh Networks)
"D:\Games\Conflict\ConflictDeniedOps.exe" = D:\Games\Conflict\ConflictDeniedOps.exe:*:Enabled:Conflict: Denied Ops -- (Pivotal Games)
"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:FRITZ!DSL - igdctrl.exe -- (AVM Berlin)
"D:\Games\ASSasin´s creed\AssassinsCreed_Dx9.exe" = D:\Games\ASSasin´s creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- (Ubisoft)
"D:\Games\ASSasin´s creed\AssassinsCreed_Dx10.exe" = D:\Games\ASSasin´s creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- (Ubisoft)
"D:\Games\ASSasin´s creed\AssassinsCreed_Launcher.exe" = D:\Games\ASSasin´s creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- (Ubisoft)
"D:\Games\Steam\steamapps\poth0800\counter-strike\hl.exe" = D:\Games\Steam\steamapps\poth0800\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"D:\Games\Red faction\rfg.exe" = D:\Games\Red faction\rfg.exe:*:Enabled:Red Faction: Guerrilla -- (THQ Inc.)
"D:\Games\Terrorist Takedown 2\TT2.exe" = D:\Games\Terrorist Takedown 2\TT2.exe:*:Enabled:TT2 -- (City Interactive)
"D:\Games\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe" = D:\Games\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V -- ()
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"D:\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe" = D:\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer -- (Activision Inc)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"D:\Command & Conquer The First Decade\Command & Conquer(tm) Tiberian Sun(tm)\SUN\Game.exe" = D:\Command & Conquer The First Decade\Command & Conquer(tm) Tiberian Sun(tm)\SUN\Game.exe:*:Enabled:Main executable for Tiberian Sun -- (Westwood Studios)
"C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp\pylA4.tmp\pyrun.exe" = C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp\pylA4.tmp\pyrun.exe:*:Enabled:pyrun -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0408F390-07CB-D410-0D92-216A4F289383}" = Catalyst Control Center Localization Portuguese
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{09CBA8F8-6E2C-2D55-601D-5C7DFBF110DE}" = CCC Help Greek
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0D994CC5-819F-4657-84DD-397B8FE1EA80}" = Star Wars Jedi Knight Jedi Academy
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{11631FFF-BA52-39EC-680A-99E93AD76FFF}" = Catalyst Control Center Localization Swedish
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{204D27E9-6133-EFDB-B08D-1D437C243238}" = Catalyst Control Center Localization Czech
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{213DCFD8-8B71-4B94-AADC-0B975A089169}" = CCC Help Polish
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi Software
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{284B8F16-EBFC-3476-F1BF-67C0C38AAB88}" = CCC Help Russian
"{2A992277-9A01-3010-9D71-96FB05E69A6D}" = Catalyst Control Center Localization Polish
"{2C05F45E-1E76-09FB-F524-AACF06048476}" = Catalyst Control Center Localization Chinese Standard
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{2F2CB2D8-ABC0-A41F-4808-12582DD0C89F}" = Catalyst Control Center Localization Chinese Traditional
"{2F677CE6-AC98-358E-7620-347E86FFA237}" = CCC Help Dutch
"{339DE854-1491-7D3A-BF41-F98D03E96E05}" = Catalyst Control Center Localization Spanish
"{33C1D08E-96AB-9166-B542-B43908F28758}" = CCC Help Korean
"{342461FA-DE28-8952-E88C-9E37358C11DB}" = ccc-core-preinstall
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3C646015-2F15-DDC5-F41F-11286477E604}" = CCC Help Portuguese
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{42A43C70-B1FC-AA51-3413-8701A56F7AC4}" = CCC Help Spanish
"{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}" = Ballance
"{45B886A5-4289-EF3F-0DDE-85153592217A}" = Catalyst Control Center Localization Korean
"{4B8943DF-29A2-577A-8DB1-3EE7226385CC}" = Catalyst Control Center Localization Japanese
"{4C38E232-CBA6-AEF1-2B6A-5083AE0DA066}" = Catalyst Control Center Localization German
"{4F027EE2-CE98-4D6C-303C-0AC82BA7DE37}" = Catalyst Control Center Localization French
"{51A28B4E-98BA-BCAA-8DEE-406F1A4D69DA}" = Catalyst Control Center Localization Norwegian
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{584F138A-B8C6-66ED-4D5C-7B564992256C}" = CCC Help Czech
"{61B9BC1E-F0E6-4A4F-98CB-A0D2EB2D7731}" = O2Micro Flash Memory Card Reader Driver (x86)
"{67783271-0A32-B2D1-39E2-C9CC85B24243}" = CCC Help Thai
"{68EF22FB-93B7-E503-B961-B83F25116CB0}" = Catalyst Control Center Graphics Full Existing
"{69F538CD-AF13-25C6-B4E2-E13C749298F1}" = Catalyst Control Center Localization Thai
"{6A9F833E-6578-6F31-E77A-768B72534D5B}" = CCC Help Italian
"{6DE6DCB8-3D18-3778-F761-20BC90099284}" = Catalyst Control Center Graphics Full New
"{706EC84C-6966-45EB-AEB9-EE6DCEA8CA3A}" = Böse Nachbarn 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7575545D-279C-56C6-3CBE-58E5C789D41B}" = CCC Help Norwegian
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80917A9A-CAD4-E70D-E308-8D03856CCEA4}" = Catalyst Control Center Localization Russian
"{8217A940-D7E9-D454-9B5A-AD557AEF273B}" = CCC Help Turkish
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{874ACD66-B816-2977-F0E6-4EAAF9218702}" = Catalyst Control Center Localization Hungarian
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B078697-C45F-91FF-FFAD-DF2FBC7F365C}" = CCC Help Chinese Traditional
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{92011DF7-9EA3-87F7-4E11-5F19EDF688B6}" = CCC Help German
"{9803B3D7-1642-952D-8556-1C6755C04403}" = Catalyst Control Center Localization Finnish
"{98753ECE-9CBF-A483-9970-AE0139321A41}" = CCC Help Swedish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B7E167C-D81F-F6CE-31DA-A618A1AB05DD}" = Catalyst Control Center Graphics Light
"{A0E1F1DA-A8CF-7322-301C-54CE26AF6534}" = CCC Help English
"{A15AE4BE-865A-F9F7-BE07-E46868144440}" = CCC Help Finnish
"{A20B3E16-327F-1C47-00F8-BC74DD9D4797}" = Catalyst Control Center Localization Turkish
"{A2E7781F-7950-C53A-C010-04E9F46C7800}" = CCC Help Japanese
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC153D40-438D-50AE-C27D-8FBE930F443A}" = Catalyst Control Center Localization Greek
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B0C93D56-932E-1A46-1C48-2515A38AB3BA}" = ccc-core-static
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0FF3827-5158-CB17-3972-EA389378C782}" = CCC Help French
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C8E104FE-D57E-4082-9524-6C3A1C8DBDD7}" = A9CAD
"{CDA06904-6190-DD47-9BFE-A8694FAD3E66}" = ccc-utility
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEADC342-7C91-BEF6-B9C4-2CA8887B4B8B}" = CCC Help Danish
"{D3D7F77A-B266-DE2F-5992-EA434001BDB6}" = Catalyst Control Center Localization Dutch
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D5A7D7AB-3093-3619-9261-74DB250ECF7B}" = Microsoft Visual C++ 2008 Express Edition with SP1 - DEU
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic
"{E00D2046-369A-4801-B154-D9AABBC1DCEE}" = Broadcom Management Programs
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EA63AC6C-B860-7549-04B5-4A61EAB19F74}" = Catalyst Control Center Localization Danish
"{ECE000BF-153A-3605-77F0-C6634FAA5D22}" = Catalyst Control Center Core Implementation
"{EE4BA4C3-6DE4-404C-9B69-A84709BED752}" = Conflict Denied Ops
"{EE83071A-2260-4A28-FDE7-0E519732A032}" = Skins
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1F5680A-45D1-2C97-6C6A-1D7B4C4270D1}" = CCC Help Chinese Standard
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FAFB8884-1640-D8C0-B2BD-20D06623AB1C}" = CCC Help Hungarian
"{FBA4593E-277D-63EC-CB91-4E74F114E838}" = Catalyst Control Center Localization Italian
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBox" = FRITZ!Box
"CDex" = CDex extraction audio
"conduitEngine" = Conduit Engine
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 4.1)
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.3)
"FRITZ!DSL" = AVM FRITZ!DSL
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III Complete
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"IsoBuster_is1" = IsoBuster 2.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual C++ 2008 Express Edition with SP1 - DEU" = Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"Nokia PC Suite" = Nokia PC Suite
"OpenAL" = OpenAL
"ProInst" = Intel PROSet Wireless
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"tt2_is1" = Terrorist Takedown 2 (1.01)
"Videora iPod touch Converter" = Videora iPod touch Converter 5.03
"VLC media player" = VLC media player 0.9.9
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wubi" = Ubuntu
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 10.12.2010 06:43:16 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:16 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:20 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:20 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:40 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:40 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:40 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:40 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 17.12.2010 10:56:30 | Computer Name = MAXIMATOR | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Skype.exe, Version 5.0.0.152, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 19.12.2010 10:17:32 | Computer Name = MAXIMATOR | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 5.0.0.152, fehlgeschlagenes
 Modul skype.exe, Version 5.0.0.152, Fehleradresse 0x0032b2e1.
 
[ System Events ]
Error - 24.12.2010 19:40:06 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 06:05:46 | Computer Name = MAXIMATOR | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: Die Hardware des Embedded Controllers (EC) hat nicht
 innerhalb des Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware
 oder -Firmware bzw. auf ein schlecht angelegtes BIOS hin, das auf nicht sichere
 Art und Weise auf den EC zugreift. Der EC-Treiber wird erneut versuchen, die fehlgeschlagene
 Transaktion durchzuführen.
 
Error - 25.12.2010 06:05:51 | Computer Name = MAXIMATOR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira Upgrade Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 25.12.2010 06:06:35 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 06:06:48 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 06:06:48 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 08:06:19 | Computer Name = MAXIMATOR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira Upgrade Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 25.12.2010 08:06:45 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 08:06:46 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 08:06:46 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
 
< End of report >

--- --- ---

Thommy90 · 25.12.2010, 13:24

Hi, danke schon mal für die Hilfe, als erstes Malware:

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Datenbank Version: 5391

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

25.12.2010 13:12:21
mbam-log-2010-12-25 (13-12-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (I:\|)
Durchsuchte Objekte: 144446
Laufzeit: 1 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Dann Oldtimer:
1.OTL.exe:OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 25.12.2010 13:17:51 - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Dokumente und Einstellungen\Thomas\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 1,82 Gb Free Space | 9,30% Space Free | Partition Type: NTFS
Drive D: | 136,71 Gb Total Space | 77,30 Gb Free Space | 56,54% Space Free | Partition Type: NTFS
Drive E: | 141,83 Gb Total Space | 66,62 Gb Free Space | 46,97% Space Free | Partition Type: NTFS
Drive F: | 2,51 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 673,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 3,73 Gb Total Space | 0,95 Gb Free Space | 25,33% Space Free | Partition Type: FAT32
 
Computer Name: MAXIMATOR | User Name: Thomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.12.25 11:18:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Thomas\Desktop\OTL.exe
PRC - [2010.12.10 11:02:08 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\plugin-container.exe
PRC - [2010.12.10 11:02:05 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.12.09 22:11:57 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.16 20:43:19 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.16 20:43:17 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.21 19:37:40 | 000,932,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.08.30 17:17:48 | 000,126,976 | ---- | M] () -- C:\WINXP\system32\UAService.exe
PRC - [2009.08.20 20:08:24 | 002,000,120 | ---- | M] (Veoh Networks) -- C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2009.08.05 11:17:12 | 000,204,800 | ---- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Pro\DTProShellHlp.exe
PRC - [2009.06.25 14:12:42 | 001,414,144 | ---- | M] (Nokia) -- C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.06.02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.06.01 13:43:04 | 000,155,136 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclBCBTSrv.exe
PRC - [2009.05.28 12:45:00 | 000,132,096 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009.03.31 19:13:17 | 000,212,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp\RtkBtMnt.exe
PRC - [2009.03.30 09:11:14 | 000,120,320 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.04.30 18:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe
PRC - [2008.04.30 18:27:12 | 001,347,584 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2008.04.30 18:20:38 | 000,901,120 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\S24EvMon.exe
PRC - [2008.04.30 18:11:20 | 001,191,936 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2008.04.30 18:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINXP\explorer.exe
PRC - [2008.04.03 13:21:10 | 000,070,976 | ---- | M] (Broadcom Corp.) -- C:\Programme\Broadcom\BACS\BPowMon.exe
PRC - [2007.04.01 05:32:38 | 000,568,176 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.02.12 13:13:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Programme\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2005.11.08 23:00:38 | 000,128,920 | ---- | M] (DT Soft Ltd.) -- C:\Programme\DAEMON Tools\daemon.exe
PRC - [2005.03.08 12:46:00 | 000,651,264 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2005.03.04 13:41:06 | 000,913,408 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2005.03.04 11:50:00 | 000,118,784 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.12.25 11:18:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Thomas\Desktop\OTL.exe
MOD - [2010.08.23 17:11:46 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINXP\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2007.04.01 18:30:48 | 000,086,016 | ---- | M] (Broadcom Corporation.) -- C:\WINXP\system32\BtMmHook.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\DOKUME~1\Thomas\LOKALE~1\Temp\AVSETUP_49d2615b\basic\avupgsvc.exe -- (AntiVirUpgradeService)
SRV - [2010.12.09 22:11:57 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.16 20:43:19 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.08.30 17:17:48 | 000,126,976 | ---- | M] () [Auto | Running] -- C:\WINXP\system32\UAService.exe -- (UserAccess)
SRV - [2009.06.02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.04.30 18:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008.04.30 18:20:38 | 000,901,120 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2008.04.30 18:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.04.03 13:21:10 | 000,070,976 | ---- | M] (Broadcom Corp.) [Auto | Running] -- C:\Programme\Broadcom\BACS\BPowMon.exe -- (BPowMon)
SRV - [2007.02.12 13:13:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Programme\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2005.03.04 11:50:00 | 000,118,784 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (AVM IGD CTRL Service)
SRV - [2005.03.04 11:42:08 | 000,315,392 | ---- | M] (AVM Berlin) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe -- (de_serv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINXP\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINXP\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2010.12.21 10:27:00 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINXP\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.28 14:19:36 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINXP\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.08.29 14:58:52 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINXP\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2009.08.28 13:37:19 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\WINXP\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINXP\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.31 15:21:36 | 000,317,976 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINXP\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2009.02.13 08:05:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.02.09 07:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.02.09 07:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.02.09 07:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.02.09 07:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.12.31 13:59:00 | 003,453,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.10.31 13:52:00 | 000,093,184 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.06.12 06:00:12 | 000,043,608 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2008.05.20 14:23:00 | 004,800,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.05.13 09:19:12 | 000,051,288 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008.04.28 05:14:54 | 003,626,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008.04.14 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2008.04.03 13:21:06 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Programme\Broadcom\BACS\BASFND.sys -- (BASFND)
DRV - [2008.03.20 11:32:24 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINXP\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008.03.19 10:56:24 | 000,175,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.03.31 09:32:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.03.31 09:32:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007.03.23 07:20:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.03.23 07:20:24 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINXP\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.03.23 07:20:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.03.23 07:19:54 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINXP\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2005.03.03 18:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINXP\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 16:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINXP\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 11:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINXP\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.spiegel.de"
FF - prefs.js..extensions.enabledItems: max@subfighter.com:1.0.3
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2
FF - prefs.js..extensions.enabledItems: gutscheinmieze@synatix-gmbh.de:1.03
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.07.18 12:17:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.12.13 16:48:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.12.24 23:57:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.12.17 15:13:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2010.10.02 11:33:21 | 000,000,000 | ---D | M]
 
[2010.08.31 20:48:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Extensions
[2010.08.31 20:48:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.12.25 12:19:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions
[2010.01.05 08:57:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.29 09:46:44 | 000,000,000 | ---D | M] (Stylish) -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010.08.14 20:09:22 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.12.22 19:37:26 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.12.22 19:37:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\engine@conduit.com
[2010.12.24 23:57:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\gutscheinmieze@synatix-gmbh.de
[2009.12.04 20:19:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\max@subfighter.com
[2009.08.30 21:29:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\ggbi3w2h.default\extensions\searchrecs@veoh.com
[2010.12.25 12:19:43 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.03.19 09:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Programme\Mozilla Firefox\plugins\npmieze.dll
[2010.10.26 21:01:09 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.26 21:01:10 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.24 23:57:05 | 000,000,143 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\foxsearch.src
[2010.10.26 21:01:10 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.26 21:01:10 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.26 21:01:10 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,820 | ---- | M]) - C:\WINXP\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINXP\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [DAEMON Tools] C:\Programme\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VVSN] C:\Programme\VVSN\VVSN.exe File not found
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Programme\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ6.5\ICQ.exe File not found
O4 - HKCU..\Run: [PC Suite Tray] C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [VeohPlugin] C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin)
O4 - Startup: C:\Dokumente und Einstellungen\Thomas\Startmenü\Programme\Autostart\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\FRITZ!DSL\SARAH.DLL (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINXP\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINXP\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.31 16:06:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O32 - AutoRun File - [2005.11.04 07:24:50 | 000,000,000 | R--D | M] - G:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2005.11.04 06:52:23 | 000,729,088 | R--- | M] (Electronic Arts Inc.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2005.10.14 09:02:16 | 000,585,728 | R--- | M] (Electronic Arts Inc.) - G:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2005.11.04 07:22:30 | 000,000,160 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk I:\
O33 - MountPoints2\{197e219e-94a4-11de-8348-00215d80b9ec}\Shell - "" = AutoRun
O33 - MountPoints2\{197e219e-94a4-11de-8348-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{197e219e-94a4-11de-8348-00215d80b9ec}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2005.11.04 06:52:23 | 000,729,088 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\AutoRun\command - "" = I:\tezge\gazda.exe -- File not found
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\explore\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\open\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\AutoRun\command - "" = nemoj\\meni.exe
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\explore\command - "" = nemoj\\\meni.exe
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\open\command - "" = nemoj\\\meni.exe
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\AutoRun\command - "" = I:\tezge\gazda.exe -- File not found
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\explore\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\open\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{c6853252-93c2-11de-8344-00215d80b9ec}\Shell - "" = AutoRun
O33 - MountPoints2\{c6853252-93c2-11de-8344-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c6853252-93c2-11de-8344-00215d80b9ec}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2005.11.04 06:52:23 | 000,729,088 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{e6227b7e-b77d-11df-b5fd-00215d80b9ec}\Shell - "" = AutoRun
O33 - MountPoints2\{e6227b7e-b77d-11df-b5fd-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e6227b7e-b77d-11df-b5fd-00215d80b9ec}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.25 11:18:22 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Thomas\Desktop\OTL.exe
[2010.12.25 11:16:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Malwarebytes
[2010.12.25 11:16:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbamswissarmy.sys
[2010.12.25 11:16:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.12.25 11:16:04 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys
[2010.12.24 23:56:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Gutscheinmieze
[2010.12.22 19:37:32 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[2010.12.22 19:37:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\Conduit
[2010.12.22 19:37:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\softonic-de3
[2010.12.22 19:37:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\ConduitEngine
[2010.12.22 19:37:29 | 000,000,000 | ---D | C] -- C:\Programme\ConduitEngine
[2010.12.22 19:37:27 | 000,000,000 | ---D | C] -- C:\Programme\softonic-de3
[2010.12.22 18:57:43 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2010.12.22 18:57:42 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2010.12.11 17:40:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Desktop\Best of iDEAS
[2010.12.05 22:13:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Skype
[2010.12.05 14:17:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2010.11.28 14:35:50 | 000,000,000 | ---D | C] -- C:\WINXP\System32\NtmsData
[2010.11.28 14:19:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Thomas\Anwendungsdaten\Avira
[3 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]
[3 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.25 13:08:27 | 000,000,256 | ---- | M] () -- C:\WINXP\tasks\WGASetup.job
[2010.12.25 13:06:29 | 000,001,084 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.25 13:06:05 | 000,002,048 | --S- | M] () -- C:\WINXP\bootstat.dat
[2010.12.25 11:59:19 | 000,001,212 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-115176313-1644491937-1003UA.job
[2010.12.25 11:47:17 | 000,001,088 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.25 11:18:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Thomas\Desktop\OTL.exe
[2010.12.25 11:16:11 | 000,000,630 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.25 00:16:19 | 000,116,633 | ---- | M] () -- C:\wubildr
[2010.12.25 00:16:19 | 000,008,192 | ---- | M] () -- C:\wubildr.mbr
[2010.12.25 00:16:19 | 000,000,246 | RHS- | M] () -- C:\boot.ini
[2010.12.24 23:57:40 | 000,000,609 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\IsoBuster.lnk
[2010.12.24 16:58:42 | 000,077,285 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\hmm, crap.JPG
[2010.12.24 13:59:00 | 000,001,160 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-115176313-1644491937-1003Core.job
[2010.12.24 11:58:21 | 000,002,206 | ---- | M] () -- C:\WINXP\System32\wpa.dbl
[2010.12.23 12:34:15 | 000,002,239 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.12.22 19:37:36 | 000,000,533 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\Teamspeak 2 RC2.lnk
[2010.12.22 19:24:20 | 000,000,677 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk
[2010.12.21 21:58:26 | 000,096,897 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\diesel .jpg
[2010.12.21 10:27:00 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINXP\System32\drivers\avipbb.sys
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys
[2010.12.19 01:09:46 | 000,002,373 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\Google Chrome.lnk
[2010.12.17 15:05:46 | 000,113,376 | ---- | M] () -- C:\WINXP\System32\FNTCACHE.DAT
[2010.12.17 07:12:26 | 000,001,393 | ---- | M] () -- C:\WINXP\imsins.BAK
[2010.12.05 15:18:25 | 000,249,856 | ---- | M] (TODO: <Company name>) -- C:\WINXP\System32\pdfmona.dll
[2010.12.05 15:18:25 | 000,051,716 | ---- | M] () -- C:\WINXP\System32\pdf995mon.dll
[2010.12.05 15:18:25 | 000,000,025 | ---- | M] () -- C:\WINXP\wpd99.drv
[2010.11.29 21:46:01 | 000,003,444 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\Moduleinteilung Englisch Winter 10_11 KCC.zip
[2010.11.28 14:19:36 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINXP\System32\drivers\avgntflt.sys
[2010.11.27 18:47:29 | 000,187,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[3 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]
[3 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.12.25 11:16:11 | 000,000,630 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.25 00:16:19 | 000,116,633 | ---- | C] () -- C:\wubildr
[2010.12.25 00:16:19 | 000,008,192 | ---- | C] () -- C:\wubildr.mbr
[2010.12.25 00:05:04 | 000,000,721 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\.usbcreator.log
[2010.12.24 23:57:40 | 000,000,609 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\IsoBuster.lnk
[2010.12.24 16:58:42 | 000,077,285 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\hmm, crap.JPG
[2010.12.22 19:24:20 | 000,000,677 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk
[2010.12.22 18:57:43 | 000,002,239 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.12.21 21:58:14 | 000,096,897 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\diesel .jpg
[2010.11.29 21:46:00 | 000,003,444 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\Desktop\Moduleinteilung Englisch Winter 10_11 KCC.zip
[2010.10.31 21:28:38 | 000,021,840 | ---- | C] () -- C:\WINXP\System32\SIntfNT.dll
[2010.10.31 21:28:38 | 000,017,212 | ---- | C] () -- C:\WINXP\System32\SIntf32.dll
[2010.10.31 21:28:38 | 000,012,067 | ---- | C] () -- C:\WINXP\System32\SIntf16.dll
[2010.10.31 21:27:58 | 000,000,202 | ---- | C] () -- C:\WINXP\SIERRA.INI
[2010.02.17 13:29:35 | 000,116,224 | ---- | C] () -- C:\WINXP\System32\pdfcmnnt.dll
[2010.02.17 13:16:39 | 000,000,025 | ---- | C] () -- C:\WINXP\wpd99.drv
[2010.02.17 13:16:38 | 000,051,716 | ---- | C] () -- C:\WINXP\System32\pdf995mon.dll
[2010.01.25 17:15:26 | 000,000,052 | ---- | C] () -- C:\WINXP\BRPP2KA.INI
[2009.10.19 18:39:09 | 000,000,080 | ---- | C] () -- C:\WINXP\brmx2001.ini
[2009.10.19 18:39:08 | 000,000,464 | ---- | C] () -- C:\WINXP\brwmark.ini
[2009.10.19 18:39:08 | 000,000,040 | ---- | C] () -- C:\WINXP\opt_1230.ini
[2009.08.29 14:58:52 | 000,223,128 | ---- | C] () -- C:\WINXP\System32\drivers\dtscsi.sys
[2009.08.28 10:47:53 | 000,722,416 | ---- | C] () -- C:\WINXP\System32\drivers\sptd.sys
[2009.08.07 18:51:34 | 000,178,430 | ---- | C] () -- C:\WINXP\System32\xlive.dll.cat
[2009.05.25 19:05:01 | 000,000,394 | ---- | C] () -- C:\WINXP\ODBC.INI
[2009.04.05 11:10:51 | 000,187,392 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.31 17:01:36 | 000,004,073 | ---- | C] () -- C:\WINXP\ODBCINST.INI
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINXP\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelFrench.dll
[2007.04.01 05:30:28 | 002,842,624 | ---- | C] () -- C:\WINXP\System32\btwicons.dll
[2007.04.01 05:11:52 | 000,090,112 | ---- | C] () -- C:\WINXP\System32\btprn2k.dll
[2001.11.14 10:26:00 | 001,802,240 | ---- | C] () -- C:\WINXP\System32\lcppn21.dll
[1999.04.29 21:00:00 | 000,065,536 | ---- | C] () -- C:\WINXP\System32\MSRTEDIT.DLL

< End of report >

--- --- ---

Nun Extras.txt:OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 25.12.2010 13:17:51 - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Dokumente und Einstellungen\Thomas\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 1,82 Gb Free Space | 9,30% Space Free | Partition Type: NTFS
Drive D: | 136,71 Gb Total Space | 77,30 Gb Free Space | 56,54% Space Free | Partition Type: NTFS
Drive E: | 141,83 Gb Total Space | 66,62 Gb Free Space | 46,97% Space Free | Partition Type: NTFS
Drive F: | 2,51 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 673,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 3,73 Gb Total Space | 0,95 Gb Free Space | 25,33% Space Free | Partition Type: FAT32
 
Computer Name: MAXIMATOR | User Name: Thomas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!Box Firmware-Update -- (AVM Berlin)
"D:\Wow\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe" = D:\Wow\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Wow\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe" = D:\Wow\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Wow\Launcher.exe" = D:\Wow\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found
"C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player  -- (Veoh Networks)
"D:\Games\Conflict\ConflictDeniedOps.exe" = D:\Games\Conflict\ConflictDeniedOps.exe:*:Enabled:Conflict: Denied Ops -- (Pivotal Games)
"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:FRITZ!DSL - igdctrl.exe -- (AVM Berlin)
"D:\Games\ASSasin´s creed\AssassinsCreed_Dx9.exe" = D:\Games\ASSasin´s creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- (Ubisoft)
"D:\Games\ASSasin´s creed\AssassinsCreed_Dx10.exe" = D:\Games\ASSasin´s creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- (Ubisoft)
"D:\Games\ASSasin´s creed\AssassinsCreed_Launcher.exe" = D:\Games\ASSasin´s creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- (Ubisoft)
"D:\Games\Steam\steamapps\poth0800\counter-strike\hl.exe" = D:\Games\Steam\steamapps\poth0800\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"D:\Games\Red faction\rfg.exe" = D:\Games\Red faction\rfg.exe:*:Enabled:Red Faction: Guerrilla -- (THQ Inc.)
"D:\Games\Terrorist Takedown 2\TT2.exe" = D:\Games\Terrorist Takedown 2\TT2.exe:*:Enabled:TT2 -- (City Interactive)
"D:\Games\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe" = D:\Games\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V -- ()
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"D:\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe" = D:\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer -- (Activision Inc)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"D:\Command & Conquer The First Decade\Command & Conquer(tm) Tiberian Sun(tm)\SUN\Game.exe" = D:\Command & Conquer The First Decade\Command & Conquer(tm) Tiberian Sun(tm)\SUN\Game.exe:*:Enabled:Main executable for Tiberian Sun -- (Westwood Studios)
"C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp\pylA4.tmp\pyrun.exe" = C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp\pylA4.tmp\pyrun.exe:*:Enabled:pyrun -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0408F390-07CB-D410-0D92-216A4F289383}" = Catalyst Control Center Localization Portuguese
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{09CBA8F8-6E2C-2D55-601D-5C7DFBF110DE}" = CCC Help Greek
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0D994CC5-819F-4657-84DD-397B8FE1EA80}" = Star Wars Jedi Knight Jedi Academy
"{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu
"{11631FFF-BA52-39EC-680A-99E93AD76FFF}" = Catalyst Control Center Localization Swedish
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{204D27E9-6133-EFDB-B08D-1D437C243238}" = Catalyst Control Center Localization Czech
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{213DCFD8-8B71-4B94-AADC-0B975A089169}" = CCC Help Polish
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi Software
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{284B8F16-EBFC-3476-F1BF-67C0C38AAB88}" = CCC Help Russian
"{2A992277-9A01-3010-9D71-96FB05E69A6D}" = Catalyst Control Center Localization Polish
"{2C05F45E-1E76-09FB-F524-AACF06048476}" = Catalyst Control Center Localization Chinese Standard
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{2F2CB2D8-ABC0-A41F-4808-12582DD0C89F}" = Catalyst Control Center Localization Chinese Traditional
"{2F677CE6-AC98-358E-7620-347E86FFA237}" = CCC Help Dutch
"{339DE854-1491-7D3A-BF41-F98D03E96E05}" = Catalyst Control Center Localization Spanish
"{33C1D08E-96AB-9166-B542-B43908F28758}" = CCC Help Korean
"{342461FA-DE28-8952-E88C-9E37358C11DB}" = ccc-core-preinstall
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3C646015-2F15-DDC5-F41F-11286477E604}" = CCC Help Portuguese
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{42A43C70-B1FC-AA51-3413-8701A56F7AC4}" = CCC Help Spanish
"{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}" = Ballance
"{45B886A5-4289-EF3F-0DDE-85153592217A}" = Catalyst Control Center Localization Korean
"{4B8943DF-29A2-577A-8DB1-3EE7226385CC}" = Catalyst Control Center Localization Japanese
"{4C38E232-CBA6-AEF1-2B6A-5083AE0DA066}" = Catalyst Control Center Localization German
"{4F027EE2-CE98-4D6C-303C-0AC82BA7DE37}" = Catalyst Control Center Localization French
"{51A28B4E-98BA-BCAA-8DEE-406F1A4D69DA}" = Catalyst Control Center Localization Norwegian
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{584F138A-B8C6-66ED-4D5C-7B564992256C}" = CCC Help Czech
"{61B9BC1E-F0E6-4A4F-98CB-A0D2EB2D7731}" = O2Micro Flash Memory Card Reader Driver (x86)
"{67783271-0A32-B2D1-39E2-C9CC85B24243}" = CCC Help Thai
"{68EF22FB-93B7-E503-B961-B83F25116CB0}" = Catalyst Control Center Graphics Full Existing
"{69F538CD-AF13-25C6-B4E2-E13C749298F1}" = Catalyst Control Center Localization Thai
"{6A9F833E-6578-6F31-E77A-768B72534D5B}" = CCC Help Italian
"{6DE6DCB8-3D18-3778-F761-20BC90099284}" = Catalyst Control Center Graphics Full New
"{706EC84C-6966-45EB-AEB9-EE6DCEA8CA3A}" = Böse Nachbarn 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7575545D-279C-56C6-3CBE-58E5C789D41B}" = CCC Help Norwegian
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80917A9A-CAD4-E70D-E308-8D03856CCEA4}" = Catalyst Control Center Localization Russian
"{8217A940-D7E9-D454-9B5A-AD557AEF273B}" = CCC Help Turkish
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{874ACD66-B816-2977-F0E6-4EAAF9218702}" = Catalyst Control Center Localization Hungarian
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B078697-C45F-91FF-FFAD-DF2FBC7F365C}" = CCC Help Chinese Traditional
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{92011DF7-9EA3-87F7-4E11-5F19EDF688B6}" = CCC Help German
"{9803B3D7-1642-952D-8556-1C6755C04403}" = Catalyst Control Center Localization Finnish
"{98753ECE-9CBF-A483-9970-AE0139321A41}" = CCC Help Swedish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B7E167C-D81F-F6CE-31DA-A618A1AB05DD}" = Catalyst Control Center Graphics Light
"{A0E1F1DA-A8CF-7322-301C-54CE26AF6534}" = CCC Help English
"{A15AE4BE-865A-F9F7-BE07-E46868144440}" = CCC Help Finnish
"{A20B3E16-327F-1C47-00F8-BC74DD9D4797}" = Catalyst Control Center Localization Turkish
"{A2E7781F-7950-C53A-C010-04E9F46C7800}" = CCC Help Japanese
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC153D40-438D-50AE-C27D-8FBE930F443A}" = Catalyst Control Center Localization Greek
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B0C93D56-932E-1A46-1C48-2515A38AB3BA}" = ccc-core-static
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0FF3827-5158-CB17-3972-EA389378C782}" = CCC Help French
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C8E104FE-D57E-4082-9524-6C3A1C8DBDD7}" = A9CAD
"{CDA06904-6190-DD47-9BFE-A8694FAD3E66}" = ccc-utility
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEADC342-7C91-BEF6-B9C4-2CA8887B4B8B}" = CCC Help Danish
"{D3D7F77A-B266-DE2F-5992-EA434001BDB6}" = Catalyst Control Center Localization Dutch
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D5A7D7AB-3093-3619-9261-74DB250ECF7B}" = Microsoft Visual C++ 2008 Express Edition with SP1 - DEU
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic
"{E00D2046-369A-4801-B154-D9AABBC1DCEE}" = Broadcom Management Programs
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EA63AC6C-B860-7549-04B5-4A61EAB19F74}" = Catalyst Control Center Localization Danish
"{ECE000BF-153A-3605-77F0-C6634FAA5D22}" = Catalyst Control Center Core Implementation
"{EE4BA4C3-6DE4-404C-9B69-A84709BED752}" = Conflict Denied Ops
"{EE83071A-2260-4A28-FDE7-0E519732A032}" = Skins
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1F5680A-45D1-2C97-6C6A-1D7B4C4270D1}" = CCC Help Chinese Standard
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FAFB8884-1640-D8C0-B2BD-20D06623AB1C}" = CCC Help Hungarian
"{FBA4593E-277D-63EC-CB91-4E74F114E838}" = Catalyst Control Center Localization Italian
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBox" = FRITZ!Box
"CDex" = CDex extraction audio
"conduitEngine" = Conduit Engine
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 4.1)
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.3)
"FRITZ!DSL" = AVM FRITZ!DSL
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III Complete
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"IsoBuster_is1" = IsoBuster 2.8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual C++ 2008 Express Edition with SP1 - DEU" = Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"Nokia PC Suite" = Nokia PC Suite
"OpenAL" = OpenAL
"ProInst" = Intel PROSet Wireless
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"tt2_is1" = Terrorist Takedown 2 (1.01)
"Videora iPod touch Converter" = Videora iPod touch Converter 5.03
"VLC media player" = VLC media player 0.9.9
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wubi" = Ubuntu
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 10.12.2010 06:43:16 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:16 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:20 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:20 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:40 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:40 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:40 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 10.12.2010 06:43:40 | Computer Name = MAXIMATOR | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Die Daten sind unzulässig.  .
 
Error - 17.12.2010 10:56:30 | Computer Name = MAXIMATOR | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Skype.exe, Version 5.0.0.152, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 19.12.2010 10:17:32 | Computer Name = MAXIMATOR | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 5.0.0.152, fehlgeschlagenes
 Modul skype.exe, Version 5.0.0.152, Fehleradresse 0x0032b2e1.
 
[ System Events ]
Error - 24.12.2010 19:40:06 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 06:05:46 | Computer Name = MAXIMATOR | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: Die Hardware des Embedded Controllers (EC) hat nicht
 innerhalb des Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware
 oder -Firmware bzw. auf ein schlecht angelegtes BIOS hin, das auf nicht sichere
 Art und Weise auf den EC zugreift. Der EC-Treiber wird erneut versuchen, die fehlgeschlagene
 Transaktion durchzuführen.
 
Error - 25.12.2010 06:05:51 | Computer Name = MAXIMATOR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira Upgrade Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 25.12.2010 06:06:35 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 06:06:48 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 06:06:48 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 08:06:19 | Computer Name = MAXIMATOR | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira Upgrade Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%3
 
Error - 25.12.2010 08:06:45 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 08:06:46 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
Error - 25.12.2010 08:06:46 | Computer Name = MAXIMATOR | Source = DCOM | ID = 10016
Description = Durch die Berechtigungseinstellungen (Computerstandard) wird der SID
 (S-1-5-20) für Benutzer NT-AUTORITÄT\NETZWERKDIENST keine Aktivierungberechtigung
 (Lokal) für die COM-Serveranwendung mit CLSID   {A4199E55-EBB9-49E5-AF1A-7A5408B2E206}

 gewährt. Diese Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste
 geändert werden.
 
 
< End of report >

--- --- ---

cosinus · 27.12.2010, 19:13

Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
O4 - HKLM..\Run: [VVSN] C:\Programme\VVSN\VVSN.exe File not found
O32 - AutoRun File - [2005.11.04 07:24:50 | 000,000,000 | R--D | M] - G:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2005.11.04 06:52:23 | 000,729,088 | R--- | M] (Electronic Arts Inc.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2005.10.14 09:02:16 | 000,585,728 | R--- | M] (Electronic Arts Inc.) - G:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2005.11.04 07:22:30 | 000,000,160 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - Unable to obtain root file information for disk I:\
O33 - MountPoints2\{197e219e-94a4-11de-8348-00215d80b9ec}\Shell - "" = AutoRun
O33 - MountPoints2\{197e219e-94a4-11de-8348-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{197e219e-94a4-11de-8348-00215d80b9ec}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2005.11.04 06:52:23 | 000,729,088 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\AutoRun\command - "" = I:\tezge\gazda.exe -- File not found
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\explore\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{70c9687a-7faf-11df-b5ce-00215d80b9ec}\Shell\open\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\AutoRun\command - "" = nemoj\\meni.exe
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\explore\command - "" = nemoj\\\meni.exe
O33 - MountPoints2\{8f9d7be0-2760-11de-8276-00215d80b9ec}\Shell\open\command - "" = nemoj\\\meni.exe
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\AutoRun\command - "" = I:\tezge\gazda.exe -- File not found
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\explore\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{9b2682e2-7de8-11df-b5cc-00215d80b9ec}\Shell\open\command - "" = I:\tezge\\gazda.exe -- File not found
O33 - MountPoints2\{c6853252-93c2-11de-8344-00215d80b9ec}\Shell - "" = AutoRun
O33 - MountPoints2\{c6853252-93c2-11de-8344-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c6853252-93c2-11de-8344-00215d80b9ec}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2005.11.04 06:52:23 | 000,729,088 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{e6227b7e-b77d-11df-b5fd-00215d80b9ec}\Shell - "" = AutoRun
O33 - MountPoints2\{e6227b7e-b77d-11df-b5fd-00215d80b9ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e6227b7e-b77d-11df-b5fd-00215d80b9ec}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
:Files
C:\Programme\VVSN
:Commands
[purity]
[resethosts]
[emptytemp]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Verwandlung von Bildern in exe-Dateien?

Plagegeister aller Art und deren Bekämpfung: Verwandlung von Bildern in exe-Dateien?