Trojaner-Board - Virus oder Wurm " Perflib_Perfdata_1cc " & " Perflib_Perfdata

HuBu

Ich habe " Perflib_Perfdata_1cc " & " Perflib_Perfdata_228 " datei im Windows/Temp ordner gefunden und ich kann sie nicht löschen ...

Ich befürchte echt das schlimmste und hoffe dass ihr mir hier wirklich helfen könnt ... denn ich weiss nicht weiter o.o

zudem weiss ich nicht wie lange die dateien im ordner sind ... dafür aber dass sie sich ab und an mal unbenennen ... ( letzten 3 buchstaben der jeweiligen datei )

Ich hoffe man kann eine komplette festplattenformatierung umgehen und das problem " virus / trojaner / wurm " löschen - beseitigen ...

name der dateien im temp : " Perflib_Perfdata_1cc " & " Perflib_Perfdata_228 "

Die 2# Dateien sind 16KB gross

CCleaner erfolglos durchlaufen

Malwarebytes' Anti-Malware erfolglos durchlaufen

Avira AntiVir Personal 10 erfolglos durchlaufen

WindowsScan erfoglos durchlaufen

Hier sind einige Auswertungen die ggf. von Hilfe sein könnten

Zitat:

ACDSee 10 Photo Manager
Acrobat.com
Adobe Acrobat 5.0
Adobe After Effects CS4
Adobe AIR
Adobe Creative Suite 4 Master Collection
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Media Player
Adobe Reader 9.3.2 - Deutsch
Apple Application Support
Athlon 64 Processor Driver
Aureon 5.1 Fun ControlPanel
Avira AntiVir Personal - Free Antivirus
AVS Media Player 3.1
AVS4YOU Software Navigator 1.3
CCleaner (remove only)
Counter-Strike Source v1.0.0.22
CubeDesktop 1.3.1
CursorXP
DAEMON Tools Toolbar
DiRT2
DivX-Setup
EA Download Manager
ESET Online Scanner v3
EVEREST Ultimate Edition v4.60
Everlight
EVO - Seperated drivers
Fable - The Lost Chapters
Fiesta Online 1.01.004
Florensia
Free Video to Flash Converter version 4.2
Free WMA to MP3 Converter 1.08
Free YouTube Converter
Free YouTube Download 2.3
Free YouTube to Mp3 Converter version 3.1
FXhome EffectsLab Lite (remove only)
GameSpy Comrade
Google Chrome
Grand Theft Auto IV
GTA2
GTR Evolution
heroes in the sky
HijackThis 2.0.2
ICQ6.5
InterVideo WinDVD
Ipswitch WS_FTP Professional 2007
IsoBuster 2.5
J2SE Runtime Environment 5.0 Update 4
Java(TM) 6 Update 20
Kodak EasyShare Software
Logitech iTouch Software
Logitech Resource Center
MAGIX Fotobuch 3.2
MAGIX Music Maker 14 Producer Edition Download version 13.0.2.1 (US)
MAGIX Online Druck Service 2.3.2.0 (D)
MAGIX Screenshare 4.3.6.1987 (US)
MAGIX Video deluxe 2008 PLUS 7.5.0.20 (D)
MAGIX Xtreme Foto Designer 6 6.0.22.0 (D)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
Microsoft .NET Framework 3.0 German Language Pack
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.0.19)
Need for Speed™ SHIFT
Nero 6 Ultra Edition
Nero Media Player
NeroVision Express 2
NVIDIA Drivers
NVIDIA GAME System Software 2.8.1
NVIDIA nView Desktop Manager
NVIDIA PhysX
Oblivion
OpenAL
OpenOffice.org 2.3
OpenOffice.org 3.1
OPERATION7
Pando Media Booster
panowalker
PhotoScape
PowerDVD
PowerISO
PowerQuest PartitionMagic 8.0
Project Vii ICQ Skin - isnichwahr.de Edition
Project64 1.6
ProtectDisc Helper Driver 10
PunkBuster Services
QuickTime
Race On Offline
Realtek High Definition Audio Driver
REALTEK USB Wireless LAN Driver and Utility
Reason 4.0
Resolume Avenue 3.2.0
Risen
RocketDock 1.3.5
Rockstar Games Social Club
Security Task Manager 1.7h
Seven Transformation Pack 4.0
Silent Hill
Silent Hill 2
Silent Hill 3
Silent Hill 4
Silent Hill 5
SimpLite-MSN 2.2
Skype™ 4.1
Steam
TeamViewer 4
Text-To-Speech-Runtime
Trillian
TuneUp Utilities
TuneUp Utilities 2006
Unity Web Player
Virtual DJ - Atomix Productions
Vista Transformation Pack 8.0
VLC media player 0.9.8a
WAV to MP3
Winamp
Windows Live Essentials
Windows Live Sync
Windows Media Format 11 runtime
Windows XP Service Pack 3
WinRAR
xp-AntiSpy 3.97

Zitat:

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

15.08.2010 11:06:03
mbam-log-2010-08-15 (11-06-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|G:\|)
Durchsuchte Objekte: 636422
Laufzeit: 2 Stunde(n), 52 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Zitat:

Die 30 neuesten Dateien im Ordner Windows:

***** ***** ***** ***** *****
***** Scanning C:\WINDOWS *****
***** ***** ***** ***** *****

15.08.2010 WindowsUpdate.log 03 34:58.920
15.08.2010 RTacDbg.txt 01 42:387
14.08.2010 NeroDigital.ini 05 46:135
14.08.2010 wiaservc.log 03 29:50
14.08.2010 wiadebug.log 03 29:159
14.08.2010 bootstat.dat 03 28:2.048
13.08.2010 SchedLgU.Txt 21 42:32.010
13.08.2010 bthservsdp.dat 21 42:12
13.08.2010 Sti_Trace.log 18 54:0
11.08.2010 cdplayer.ini 23 22:34
11.08.2010 BeatBox.INI 13 41:495
11.08.2010 Robota.INI 13 41:28
13.07.2010 0 07 22:32
07.06.2010 win.ini 17 09:531
03.06.2010 BsMobileModel.ini 20 52:0
08.05.2010 WMSysPr9.prx 00 52:316.640
04.04.2010 Thumbs.db 20 18:57.344
20.03.2010 Icon_6.ico 23 19:76.214
20.03.2010 Icon_5.ico 21 53:78.942
20.03.2010 Icon_4.ico 21 15:78.942
20.03.2010 Icon_3.ico 21 04:78.942
20.03.2010 Icon_2.ico 19 59:78.942
15.03.2010 ODBCINST.INI 04 59:4.161
15.03.2010 WindowsShell.Manifest 04 58:749
15.03.2010 system.ini 04 44:231
15.03.2010 UPGRADE.TXT 04 18:254
14.03.2010 setupapi.old 22 21:795

Die 50 neuesten Dateien im Ordner Windows\system32:

***** ***** ***** ***** *****
***** Scanning C:\WINDOWS\system32 *****
***** ***** ***** ***** *****

14.08.2010 Thumbs.db 03 29:12.288
14.08.2010 INSTALL.LOG 03 28:503.555
14.08.2010 NvApps.xml 03 28:196.687
13.08.2010 perfh009.dat 18 40:440.684
13.08.2010 perfh007.dat 18 40:458.476
13.08.2010 perfc009.dat 18 40:71.002
13.08.2010 perfc007.dat 18 40:84.318
13.08.2010 PerfStringBackup.INI 18 40:1.066.938
12.08.2010 wpa.dbl 19 55:2.206
18.07.2010 FNTCACHE.DAT 09 36:2.071.456
07.07.2010 VundoFixSVC.exe 22 49:24.576
06.07.2010 TURegOpt.exe 13 26:30.528
06.07.2010 uxtuneup.dll 13 20:30.016
10.06.2010 PxWave.dll 01 01:440.816
10.06.2010 vxblock.dll 01 01:100.848
10.06.2010 PxAFS.DLL 01 01:133.616
10.06.2010 pxinsi64.exe 01 01:126.448
10.06.2010 PxSFS.DLL 01 01:2.120.176
10.06.2010 Px.dll 01 01:698.864
10.06.2010 PxMas.dll 01 01:219.632
10.06.2010 pxhpinst.exe 01 01:72.176
10.06.2010 pxinsa64.exe 01 01:68.592
10.06.2010 pxdrv.dll 01 01:567.792
02.06.2010 0 21 18:0
01.06.2010 jupdate-1.6.0_20-b02.log 22 28:3.238
13.05.2010 HsInfo.dat 23 27:96
27.04.2010 DivXControlPanelApplet.cpl 00 04:353.592
21.04.2010 wrap_oal.dll 21 17:445.016
21.04.2010 OpenAL32.dll 21 17:109.144
12.04.2010 javaws.exe 17 29:153.376
12.04.2010 javaw.exe 17 29:145.184
12.04.2010 java.exe 17 29:145.184
12.04.2010 deployJava1.dll 17 29:411.368
12.04.2010 javacpl.cpl 15 19:73.728
03.04.2010 PnkBstrB.xtr 04 15:189.480
03.04.2010 PnkBstrB.exe 04 15:189.480
02.04.2010 PnkBstrA.exe 21 11:75.064
02.04.2010 pbsvc.exe 21 11:794.408
20.03.2010 TUKernel.exe 19 48:2.287.616
17.03.2010 QuickTime.qts 21 53:69.632
17.03.2010 QuickTimeVR.qtx 21 53:94.208
15.03.2010 spupdwxp.log 06 21:90
15.03.2010 $winnt$.inf 05 02:288
15.03.2010 amcompat.tlb 04 59:16.832
15.03.2010 nscompat.tlb 04 59:23.392
15.03.2010 logonui.exe.manifest 04 58:488
15.03.2010 WindowsLogon.manifest 04 58:488

***** ***** ***** ***** *****
***** Scanning C:\WINDOWS\system32\drivers\etc\hosts *****
***** ***** ***** ***** *****

# Copyright (c) 1993-1999 Microsoft Corp.
#

#
# 102.54.94.97 rhino.acme.com # Quellserver
# 38.25.63.10 x.acme.com # x-Clienthost

127.0.0.1 localhost
127.0.0.1 activate.adobe.com

***** ***** ***** ***** *****
***** Scanning Processe *****
***** ***** ***** ***** *****

Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ===== ================ ========== ===============
System Idle Process 0 Console 0 28 K
System 4 Console 0 252 K
smss.exe 752 Console 0 420 K
csrss.exe 896 Console 0 5.404 K
winlogon.exe 968 Console 0 3.724 K
services.exe 1028 Console 0 3.752 K
lsass.exe 1040 Console 0 1.420 K
nvsvc32.exe 1252 Console 0 5.116 K
svchost.exe 1276 Console 0 5.576 K
svchost.exe 1356 Console 0 4.488 K
WinStylerThemeSvc.exe 1368 Console 0 3.868 K
svchost.exe 1456 Console 0 23.588 K
svchost.exe 1612 Console 0 3.676 K
svchost.exe 1640 Console 0 3.056 K
spoolsv.exe 1804 Console 0 5.356 K
sched.exe 1888 Console 0 868 K
explorer.exe 264 Console 0 36.636 K
svchost.exe 460 Console 0 11.284 K
avguard.exe 476 Console 0 2.924 K
svchost.exe 500 Console 0 3.308 K
jqs.exe 552 Console 0 1.400 K
PnkBstrA.exe 716 Console 0 2.696 K
PnkBstrB.exe 800 Console 0 2.880 K
TuneUpUtilitiesService32. 432 Console 0 10.168 K
rundll32.exe 1320 Console 0 3.352 K
avgnt.exe 1592 Console 0 1.608 K
RTHDCPL.EXE 1672 Console 0 23.740 K
DrvIcon.exe 1696 Console 0 3.432 K
jusched.exe 1088 Console 0 2.668 K
rundll32.exe 1952 Console 0 4.460 K
acrotray.exe 2056 Console 0 3.064 K
DivXUpdate.exe 2112 Console 0 5.900 K
RocketDock.exe 2140 Console 0 9.096 K
LClock.exe 2180 Console 0 1.080 K
wcescomm.exe 2216 Console 0 5.328 K
DTLite.exe 2328 Console 0 7.724 K
rapimgr.exe 2420 Console 0 5.476 K
ViGlance.exe 520 Console 0 7.160 K
wscntfy.exe 1684 Console 0 2.420 K
Rainbar.exe 2568 Console 0 5.836 K
TuneUpUtilitiesApp32.exe 2524 Console 0 6.440 K
alg.exe 2920 Console 0 3.668 K
svchost.exe 3568 Console 0 4.604 K
everest.exe 3464 Console 0 21.576 K
winamp.exe 376 Console 0 9.544 K
cmd.exe 1216 Console 0 2.276 K
tasklist.exe 2720 Console 0 4.516 K
wmiprvse.exe 3176 Console 0 5.804 K

Microsoft Windows XP [Version 5.1.2600]

***** Ende des Scans 15.08.2010 um 15:42:43,56 ***

HiJackthis Logfile:

Code:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:43:29, on 15.08.2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal
 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programme\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\svchost.exe

C:\Programme\Avira\AntiVir Desktop\avguard.exe

C:\WINDOWS\system32\svchost.exe

C:\Programme\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

C:\WINDOWS\system32\rundll32.exe

C:\Programme\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Programme\Vista Drive Icon\DrvIcon.exe

C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

C:\Programme\DivX\DivX Update\DivXUpdate.exe

C:\Programme\RocketDock\RocketDock.exe

C:\Programme\LClock\lclock.exe

C:\Programme\Microsoft ActiveSync\wcescomm.exe

C:\Programme\DAEMON Tools Lite\DTLite.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\PROGRA~1\ViGlance\ViGlance.exe

C:\WINDOWS\system32\wscntfy.exe

C:\PROGRA~1\VISTAR~1\Rainbar.exe

C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\svchost.exe

C:\Programme\Lavalys\EVEREST Ultimate Edition\everest.exe

C:\Programme\Winamp\winamp.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Programme\Trend Micro\HijackThis\HijackThis.exe
 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Windows X's Live - The ultimate Windows 7 experiences

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programme\Styler\TB\StylerTB.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM\..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe

O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [DrvIcon] C:\Programme\Vista Drive Icon\DrvIcon.exe

O4 - HKLM\..\Run: [vilaunch] C:\WINDOWS\system32\vilaunch.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [DivXUpdate] "C:\Programme\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKCU\..\Run: [RocketDock] "C:\Programme\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [LClock] C:\Programme\LClock\lclock.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [Simp] C:\Programme\Secway\SimpLite-MSN 2.2\SimpLite-MSN.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = ?

O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Save YouTube Video - res://C:\Programme\Gemeinsame Dateien\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm

O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe

O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {0e921e80-267a-42aa-aee4-60b9a1222a44} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)

O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {0e921e80-267a-42aa-aee4-60b9a1222a44} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)

O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll

O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Programme\Google\Update\GoogleUpdate.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe

O23 - Service: UPnPService - Magix AG - C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe
 

--

End of file - 9853 bytes

--- --- ---

Ich hoffe die LOGS sind zulässig und können euch einen überblick verschaffen ...

Ich hoffe Ihr könnt mir helfen ... danke schonmal und LG
A.Daniel

danke erstmal ... und hier die 2# loggs

1#

OTL Logfile:

Code:

OTL logfile created on: 17.08.2010 15:46:44 - Run 1

OTL by OldTimer - Version 3.2.10.0     Folder = C:\Dokumente und Einstellungen\VIRUS\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free

Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 253,72 Gb Total Space | 166,80 Gb Free Space | 65,74% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Drive G: | 677,79 Gb Total Space | 130,36 Gb Free Space | 19,23% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: THEVIRUS

Current User Name: VIRUS

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Dokumente und Einstellungen\VIRUS\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)

PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)

PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()

PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Programme\ViGlance\ViGlance.exe (Lee-Soft.com, Lee Matthew Chantrey)

PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Vista Drive Icon\DrvIcon.exe (artArmin)

PRC - C:\Programme\RocketDock\RocketDock.exe ()

PRC - C:\Programme\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.)

PRC - C:\Programme\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)

PRC - C:\Programme\Microsoft ActiveSync\rapimgr.exe (Microsoft Corporation)

PRC - C:\Programme\Vista Rainbar\Rainbar.exe ()

PRC - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe (TuneUp Software GmbH)

PRC - C:\Programme\LClock\LClock.exe ()

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Dokumente und Einstellungen\VIRUS\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\Programme\RocketDock\RocketDock.dll ()

MOD - C:\Programme\TuneUp Utilities 2006\WinStylerThemeHelper.dll ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (gupdate) Google Update Service (gupdate) -- C:\Programme\Google\Update\GoogleUpdate.exe File not found

SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)

SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)

SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)

SRV - (Akamai) -- c:\Programme\Gemeinsame Dateien\Akamai\rswin_3725.dll ()

SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (Adobe Version Cue CS4) -- C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)

SRV - (UPnPService) -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)

SRV - (TUWinStylerThemeSvc) -- C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe (TuneUp Software GmbH)

SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (XDva288) -- C:\WINDOWS\System32\XDva288.sys File not found

DRV - (VcommMgr) -- C:\WINDOWS\System32\Drivers\VcommMgr.sys File not found

DRV - (VComm) -- C:\WINDOWS\System32\DRIVERS\VComm.sys File not found

DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found

DRV - (Btcsrusb) -- C:\WINDOWS\System32\Drivers\btcusb.sys File not found

DRV - (BTCOMBUS) -- C:\WINDOWS\System32\Drivers\btcombus.sys File not found

DRV - (BTCOM) -- C:\WINDOWS\System32\DRIVERS\btcomport.sys File not found

DRV - (BT) -- C:\WINDOWS\System32\DRIVERS\btnetdrv.sys File not found

DRV - (AMDMSRIO) -- C:\DOKUME~1\VIRUS\LOKALE~1\Temp\{55638DD9-D5A9-11D3-B74B-204C4F4F5020}\AMDMSRIO.sys File not found

DRV - (PnkBstrK) -- C:\WINDOWS\system32\drivers\PnkBstrK.sys ()

DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()

DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)

DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()

DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)

DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)

DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)

DRV - (BtHidBus) -- C:\WINDOWS\System32\Drivers\BtHidBus.sys (IVT Corporation.)

DRV - (btnetBUs) -- C:\WINDOWS\system32\drivers\btnetBus.sys ()

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (EverestDriver) -- C:\Programme\Lavalys\EVEREST Ultimate Edition\kerneld.wnt ()

DRV - (adfs) -- C:\WINDOWS\System32\drivers\adfs.sys (Adobe Systems, Inc.)

DRV - (IvtBtBUs) -- C:\WINDOWS\system32\drivers\IvtBtBus.sys (IVT Corporation.)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)

DRV - (teamviewervpn) -- C:\WINDOWS\system32\drivers\teamviewervpn.sys (TeamViewer GmbH)

DRV - (acehlp10) -- C:\WINDOWS\system32\drivers\acehlp10.sys (Protect Software GmbH)

DRV - (acedrv10) -- C:\WINDOWS\system32\drivers\ACEDRV10.sys (Protect Software GmbH)

DRV - (RTL8187B) -- C:\WINDOWS\system32\drivers\RTL8187B.sys (Realtek Semiconductor Corporation                           )

DRV - (PQNTDrv) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)

DRV - (itchfltr) -- C:\WINDOWS\system32\drivers\itchfltr.sys (Logitech, Inc.)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.update: false

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: {9d29971a-bf52-4769-98d4-d4bc2ec4fa20}:0.3.4

FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.6

FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8

FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0

FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.5.7

FF - prefs.js..extensions.enabledItems: {04426594-bce6-4705-b811-bcdba2fd9c7b}:1.0

FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.7

FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}:6.0.4

FF - prefs.js..extensions.enabledItems: netvideohunter@netvideohunter.com:1.3

FF - prefs.js..extensions.enabledItems: {66E978CD-981F-47DF-AC42-E3CF417C1467}:0.4.2

FF - prefs.js..extensions.enabledItems: splash@aldreneo.com:2.0.2

FF - prefs.js..extensions.enabledItems: timetrack@usablehack.com:1.2.5

FF - prefs.js..extensions.enabledItems: {2f17f610-5e97-4fed-828f-9940b7b577a4}:1.5.1

FF - prefs.js..extensions.enabledItems: xulprofiler@yoono.com:1.0.4

FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c9626}:1.6

FF - prefs.js..extensions.enabledItems: {239c61a8-e55f-11db-8314-0800200c9a66}:2.0.7

FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100415

 

FF - HKLM\software\mozilla\Firefox\extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Programme\RelevantKnowledge

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.22 06:32:03 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.18 10:07:55 | 000,000,000 | ---D | M]

 

[2009.02.01 00:21:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Extensions

[2010.08.01 14:56:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions

[2010.05.28 19:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\{04426594-bce6-4705-b811-bcdba2fd9c7b}

[2010.05.28 19:33:45 | 000,000,000 | ---D | M] (ANTHEM) -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}

[2010.08.01 14:56:41 | 000,000,000 | ---D | M] (Flagfox) -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

[2009.03.17 08:17:37 | 000,000,000 | ---D | M] (BlackX 2) -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\{239c61a8-e55f-11db-8314-0800200c9a66}

[2010.07.02 21:08:54 | 000,000,000 | ---D | M] (TV-Fox) -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}

[2010.05.28 19:34:02 | 000,000,000 | ---D | M] (New Tab Homepage) -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}

[2010.05.28 19:34:07 | 000,000,000 | ---D | M] (MR Tech Toolkit) -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}

[2009.03.17 08:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\{9d29971a-bf52-4769-98d4-d4bc2ec4fa20}

[2010.05.28 19:33:57 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}

[2010.05.28 19:34:02 | 000,000,000 | ---D | M] (FoxTab) -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}

[2010.05.28 19:34:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\firegestures@xuldev.org

[2010.05.28 19:34:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\nasanightlaunch@example.com

[2010.08.01 14:56:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\netvideohunter@netvideohunter.com

[2010.05.28 19:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\piclens@cooliris.com

[2010.05.28 19:33:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\piclens@cooliris.com-trash

[2009.03.17 08:52:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\splash@aldreneo.com

[2010.05.28 19:34:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\timetrack@usablehack.com

[2009.02.02 06:14:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\extensions\xulprofiler@yoono.com

[2009.07.02 01:57:34 | 000,000,890 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\searchplugins\conduit.xml

[2010.03.21 08:42:28 | 000,002,055 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Mozilla\Firefox\Profiles\pdc70veu.default\searchplugins\daemon-search.xml

[2010.08.01 14:55:41 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions

[2010.06.01 22:28:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll

[2009.04.08 04:06:28 | 000,122,880 | ---- | M] (AB) -- C:\Programme\Mozilla Firefox\plugins\NPOP7PlugIn.dll

[2010.03.23 12:25:56 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml

[2010.03.23 12:25:56 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml

[2010.03.23 12:25:56 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml

[2010.03.23 12:25:56 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml

[2010.03.23 12:25:56 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2010.07.18 08:07:41 | 000,000,853 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: 127.0.0.1                                activate.adobe.com

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Programme\Styler\TB\StylerTB.dll (StyleFantasist)

O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [DrvIcon] C:\Programme\Vista Drive Icon\DrvIcon.exe (artArmin)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_2008_PLUS\Trayserver.exe (MAGIX AG)

O4 - HKLM..\Run: [vilaunch] C:\WINDOWS\system32\vilaunch.exe ()

O4 - HKCU..\Run: [H/PC Connection Agent] C:\Programme\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)

O4 - HKCU..\Run: [LClock] C:\Programme\LClock\LClock.exe ()

O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()

O4 - HKCU..\Run: [RocketDock] C:\Programme\RocketDock\RocketDock.exe ()

O4 - HKCU..\Run: [Simp] C:\Programme\Secway\SimpLite-MSN 2.2\SimpLite-MSN.exe (Secway)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK USB Wireless LAN Utility.lnk = C:\Programme\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.)

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177

O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Save YouTube Video - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)

O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)

O12 - Plugin for: .spop - C:\Programme\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)

O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Vertrauenswürdige Sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\VIRUS\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\VIRUS\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 0

O32 - AutoRun File - [2009.01.31 15:13:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{4c7fcf68-3d93-11de-9b5c-000e2e4c2785}\Shell\AutoRun\command - "" = I:\setupSNK.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.08.17 15:45:20 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\VIRUS\Desktop\OTL.exe

[2010.08.17 15:03:18 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\VIRUS\Recent

[2010.08.17 11:46:38 | 003,420,304 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\VIRUS\Desktop\ccsetup234.exe

[2010.08.17 09:41:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\VIRUS\Desktop\rrr

[2010.08.15 21:44:56 | 000,000,000 | ---D | C] -- C:\Programme\Unlocker

[2010.08.13 00:49:37 | 000,030,528 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe

[2010.08.13 00:49:36 | 000,030,016 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll

[2010.08.13 00:49:13 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2010

[2010.08.13 00:48:30 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

[2010.08.13 00:39:17 | 019,793,728 | ---- | C] (TuneUp Software) -- C:\Dokumente und Einstellungen\VIRUS\Desktop\TU2010TrialDE.exe

[2010.08.06 22:25:17 | 000,000,000 | ---D | C] -- C:\Programme\ESET

[2010.08.06 20:02:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\VIRUS\Desktop\WindowsScan

[2010.08.06 17:38:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\VIRUS\Desktop\REPORT

[2010.08.02 08:00:52 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro

[2010.08.02 08:00:36 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\VIRUS\Desktop\HJTInstall.exe

[2010.08.01 17:59:49 | 000,000,000 | ---D | C] -- C:\Programme\Resolume Avenue 3.2.0

[2010.08.01 17:58:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Resolume Avenue 3

[2010.08.01 17:58:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\VIRUS\Eigene Dateien\Resolume Avenue 3

[2010.08.01 17:58:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\Resolume

[2010.08.01 17:00:54 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DivX Shared

[2010.07.27 15:27:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan

[2010.07.27 15:27:41 | 000,000,000 | ---D | C] -- C:\Programme\Security Task Manager

[2010.07.26 00:50:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Originals

[2010.07.24 18:09:35 | 000,027,165 | ---- | C] (VIA Technologies, Inc.              ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys

[2010.07.22 05:14:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Resolume.Avenue.v3.2.0-UNION

[2010.07.22 00:26:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\VIRUS\Desktop\e

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.08.17 15:45:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\VIRUS\Desktop\OTL.exe

[2010.08.17 14:52:15 | 000,196,687 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml

[2010.08.17 14:52:12 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010.08.17 14:52:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010.08.17 14:51:31 | 011,534,336 | -H-- | M] () -- C:\Dokumente und Einstellungen\VIRUS\NTUSER.DAT

[2010.08.17 14:51:26 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat

[2010.08.17 11:47:30 | 000,000,667 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\CCleaner.lnk

[2010.08.17 11:46:45 | 003,420,304 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\VIRUS\Desktop\ccsetup234.exe

[2010.08.17 09:44:15 | 000,000,135 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010.08.17 00:57:13 | 000,017,882 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\AVSMediaPlayer.m3u

[2010.08.16 19:38:00 | 000,001,156 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-616249376-725345543-1003Core1cab6499aab732.job

[2010.08.15 23:44:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010.08.15 21:43:53 | 001,015,869 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\unlocker1.9.0.exe

[2010.08.15 05:22:46 | 000,001,425 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\0202.m3u

[2010.08.13 18:40:08 | 001,066,938 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010.08.13 18:40:08 | 000,458,476 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2010.08.13 18:40:08 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010.08.13 18:40:08 | 000,084,318 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2010.08.13 18:40:08 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010.08.13 17:17:19 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\VIRUS\ntuser.ini

[2010.08.13 00:49:34 | 000,001,722 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk

[2010.08.13 00:49:34 | 000,001,708 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities.lnk

[2010.08.13 00:48:19 | 000,011,821 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\EVO 1,6 GB DOWNLOAD

[2010.08.13 00:40:16 | 019,793,728 | ---- | M] (TuneUp Software) -- C:\Dokumente und Einstellungen\VIRUS\Desktop\TU2010TrialDE.exe

[2010.08.11 23:50:33 | 000,063,488 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\whats this

[2010.08.11 23:22:08 | 000,000,034 | ---- | M] () -- C:\WINDOWS\cdplayer.ini

[2010.08.11 13:41:58 | 000,000,495 | ---- | M] () -- C:\WINDOWS\BeatBox.INI

[2010.08.11 13:41:57 | 000,000,028 | ---- | M] () -- C:\WINDOWS\Robota.INI

[2010.08.09 23:53:15 | 000,307,885 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Unbenannt(1).jpg

[2010.08.09 23:43:33 | 000,173,748 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\blabla.jpg

[2010.08.06 22:25:04 | 002,672,312 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\esetsmartinstaller_deu.exe

[2010.08.06 20:01:49 | 000,001,046 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\WindowsScan.zip

[2010.08.06 17:15:54 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job

[2010.08.05 22:54:25 | 000,137,216 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.08.04 20:56:27 | 158,313,624 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Sangriá-Hunters by EDELMANN.mp3

[2010.08.02 15:24:17 | 050,058,607 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\set test.mp3

[2010.08.02 08:00:52 | 000,001,711 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\HijackThis.lnk

[2010.08.02 08:00:36 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\VIRUS\Desktop\HJTInstall.exe

[2010.08.01 18:44:51 | 000,024,798 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Official Link List.odt

[2010.08.01 18:27:11 | 050,365,743 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Rainbow_blur_background_v2.part2.rar

[2010.07.31 10:59:04 | 000,008,373 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\3eb255d4ec.jpeg

[2010.07.31 05:22:24 | 000,903,069 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Silent Hill 5.odt

[2010.07.30 11:41:53 | 002,083,434 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Facekicked.gif

[2010.07.27 16:26:39 | 000,000,689 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.07.27 15:27:24 | 001,709,408 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\taskmanager17.exe

[2010.07.26 00:50:36 | 000,486,447 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Twitter.jpg

[2010.07.26 00:49:27 | 004,200,054 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\twitter_background_.bmp

[2010.07.26 00:38:16 | 000,285,990 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\twitter_background_.jpg

[2010.07.25 20:59:59 | 000,008,212 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Eigene Dateien\IpsThumb.db

[2010.07.25 20:49:11 | 000,077,462 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\LoPa (1).jpg

[2010.07.25 20:48:52 | 000,123,836 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\LoPa (2).jpg

[2010.07.25 20:47:33 | 000,155,405 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\LoPa.jpg

[2010.07.25 03:44:21 | 000,105,854 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Unbenannt.jpg

[2010.07.23 02:33:57 | 000,315,727 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\YouTubeDesign.jpg

[2010.07.21 16:53:10 | 000,030,938 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Neu OpenDocument Text.odt

[2010.07.21 07:05:24 | 000,064,188 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Neu Rich Text Dokument.rtf

[2010.07.19 16:39:44 | 000,893,508 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\riss-im-asphalt.jpg

[2010.07.19 16:37:53 | 000,241,682 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\asphalt_gross.jpg

[2010.07.19 16:37:33 | 000,443,450 | ---- | M] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\wallpaper_asphalt_1600.jpg

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2010.08.17 11:47:30 | 000,000,667 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\CCleaner.lnk

[2010.08.15 21:43:52 | 001,015,869 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\unlocker1.9.0.exe

[2010.08.15 05:22:46 | 000,001,425 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\0202.m3u

[2010.08.13 00:49:34 | 000,001,722 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk

[2010.08.13 00:49:34 | 000,001,708 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities.lnk

[2010.08.11 08:52:50 | 000,063,488 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\whats this

[2010.08.09 23:53:08 | 000,307,885 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Unbenannt(1).jpg

[2010.08.09 23:43:29 | 000,173,748 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\blabla.jpg

[2010.08.06 22:24:55 | 002,672,312 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\esetsmartinstaller_deu.exe

[2010.08.06 20:01:49 | 000,001,046 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\WindowsScan.zip

[2010.08.04 20:48:56 | 158,313,624 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Sangriá-Hunters by EDELMANN.mp3

[2010.08.02 15:17:41 | 050,058,607 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\set test.mp3

[2010.08.02 08:00:52 | 000,001,711 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\HijackThis.lnk

[2010.08.01 18:18:29 | 050,365,743 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Rainbow_blur_background_v2.part2.rar

[2010.07.31 10:59:04 | 000,008,373 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\3eb255d4ec.jpeg

[2010.07.31 04:41:56 | 000,903,069 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Silent Hill 5.odt

[2010.07.30 11:41:52 | 002,083,434 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Facekicked.gif

[2010.07.27 16:26:39 | 000,000,689 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.07.27 15:27:21 | 001,709,408 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\taskmanager17.exe

[2010.07.26 00:49:27 | 004,200,054 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\twitter_background_.bmp

[2010.07.26 00:46:39 | 000,486,447 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Twitter.jpg

[2010.07.26 00:38:16 | 000,285,990 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\twitter_background_.jpg

[2010.07.25 20:59:59 | 000,008,212 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Eigene Dateien\IpsThumb.db

[2010.07.25 18:25:30 | 000,123,836 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\LoPa (2).jpg

[2010.07.25 18:25:21 | 000,155,405 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\LoPa.jpg

[2010.07.25 18:25:16 | 000,077,462 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\LoPa (1).jpg

[2010.07.25 03:44:16 | 000,105,854 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Unbenannt.jpg

[2010.07.23 02:33:56 | 000,315,727 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\YouTubeDesign.jpg

[2010.07.21 06:55:43 | 000,064,188 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\Neu Rich Text Dokument.rtf

[2010.07.20 00:51:44 | 000,011,821 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\EVO 1,6 GB DOWNLOAD

[2010.07.19 16:39:44 | 000,893,508 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\riss-im-asphalt.jpg

[2010.07.19 16:37:53 | 000,241,682 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\asphalt_gross.jpg

[2010.07.19 16:37:33 | 000,443,450 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Desktop\wallpaper_asphalt_1600.jpg

[2010.06.16 21:13:19 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll

[2010.06.16 21:13:19 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\advd.dll

[2010.06.16 21:13:19 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll

[2010.06.03 20:52:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\BsMobileModel.ini

[2010.05.08 19:07:36 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\$_hpcst$.hpc

[2010.04.25 04:24:29 | 000,000,022 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Lokale Einstellungen\Anwendungsdaten\kodakpcd.ini

[2010.04.06 18:33:10 | 000,030,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys

[2010.04.02 21:11:26 | 000,137,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

[2010.04.02 21:11:25 | 000,139,152 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\PnkBstrK.sys

[2010.03.03 00:13:13 | 000,017,882 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\AVSMediaPlayer.m3u

[2010.02.13 15:55:00 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Anwendungsdaten\$_hpcst$.hpc

[2009.12.11 03:01:39 | 000,005,051 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\xqkcebzs.dik

[2009.12.03 23:07:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI

[2009.11.10 06:35:11 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll

[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2009.10.03 00:57:47 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini

[2009.10.03 00:31:14 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2009.10.03 00:31:14 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2009.08.07 13:33:24 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2009.08.07 13:33:24 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2009.08.07 13:33:24 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\DVDIFOFilter.dll

[2009.02.19 19:00:15 | 000,000,495 | ---- | C] () -- C:\WINDOWS\BeatBox.INI

[2009.02.12 07:51:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MusicEditor.INI

[2009.02.05 13:13:13 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2009.02.04 08:22:22 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI

[2009.02.04 08:21:35 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll

[2009.02.04 07:05:23 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll

[2009.02.04 07:03:41 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini

[2009.02.03 07:50:07 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009.02.03 03:00:25 | 000,116,024 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat

[2009.02.01 20:30:42 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\vuins32.dll

[2009.02.01 02:26:49 | 000,137,216 | ---- | C] () -- C:\Dokumente und Einstellungen\VIRUS\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009.02.01 01:11:29 | 000,000,135 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009.01.31 19:15:06 | 000,000,487 | ---- | C] () -- C:\WINDOWS\demo.INI

[2009.01.31 16:29:33 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini

[2009.01.31 16:04:25 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL

[2009.01.31 15:29:11 | 000,002,322 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

[2009.01.31 15:29:10 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2004.08.04 02:57:34 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

< End of report >

--- --- ---

2#

OTL Logfile:

Code:

OTL Extras logfile created on: 17.08.2010 15:46:44 - Run 1

OTL by OldTimer - Version 3.2.10.0     Folder = C:\Dokumente und Einstellungen\VIRUS\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free

Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 253,72 Gb Total Space | 166,80 Gb Free Space | 65,74% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Drive G: | 677,79 Gb Total Space | 130,36 Gb Free Space | 19,23% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: THEVIRUS

Current User Name: VIRUS

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [ACDSee 10.0.Browse] -- "C:\Programme\ACD Systems\ACDSee\10.0\ACDSeeQV10.exe" "%1" (ACD Systems)

Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()

Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)

Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)

Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"57236:TCP" = 57236:TCP:*:Enabled:Pando Media Booster

"57236:UDP" = 57236:UDP:*:Enabled:Pando Media Booster

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"57236:TCP" = 57236:TCP:*:Enabled:Pando Media Booster

"57236:UDP" = 57236:UDP:*:Enabled:Pando Media Booster

"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS4 Server

"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS4 Server

"51000:TCP" = 51000:TCP:*:Enabled:Adobe Version Cue CS4 Server

"51001:TCP" = 51001:TCP:*:Enabled:Adobe Version Cue CS4 Server

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Programme\MSN Messenger\msncall.exe" = C:\Programme\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found

"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)

"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)

"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

"G:\theVIRUS\Make in Love\Foto Session\Kodak EasyShare software\bin\EasyShare.exe" = G:\theVIRUS\Make in Love\Foto Session\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)

"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)

"G:\Games\Heros in the Sky\heroes in the sky\HIS.exe" = G:\Games\Heros in the Sky\heroes in the sky\HIS.exe:*:Enabled:his -- ()

"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)

"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)

"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

"C:\Programme\Steam\Steam.exe" = C:\Programme\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)

"G:\Games\DiRT II\dirt2_game.exe" = G:\Games\DiRT II\dirt2_game.exe:*:Enabled:DiRT2 -- (Codemasters)

"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

"G:\Games\GTA Grand Theft Auto\GTA IV\Grand Theft Auto 4\Grand Theft Auto IV\LaunchGTAIV.exe" = G:\Games\GTA Grand Theft Auto\GTA IV\Grand Theft Auto 4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG)

"C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)

"C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" = C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:*:Enabled:Adobe Version Cue CS4 Server -- (Adobe Systems Incorporated)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch Software

"{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}" = Adobe Flash Player 10 Plugin

"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{06CA97F7-1421-4969-ACC5-D175D3E45A5E}" = Florensia

"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC

"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{0C053AE9-9DB6-42EE-B991-B6C57BB5F63F}" = Florensia

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday

"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD

"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4

"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen

"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{17A87ED9-129A-4516-A3BF-5E513D23C3BB}" = Aureon 5.1 Fun ControlPanel

"{190F5799-0795-46CF-A341-2FD0820652D8}" = SimpLite-MSN 2.2

"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR

"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server

"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4

"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler

"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models

"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2

"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie

"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)

"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE

"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt

"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4

"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup

"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger

"{428102E6-8A39-48B9-8389-847F5A44A600}" = MSXML 4.0

"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4

"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore

"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit

"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets

"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg

"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4

"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1

"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs

"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2

"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001

"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV

"{54BB0384-1C33-488F-A95B-877E480D3EDC}" = MSXML 4.0

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4

"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter

"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV

"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call

"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA

"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink

"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support

"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5

"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr

"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids

"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic

"{6FC4A9C1-2008-46F0-A1CF-6611F5F4DC49}" = EVO - Seperated drivers

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4

"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync

"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en

"{7AED71CD-5538-4A60-8ECF-B9C45CD21E9C}" = GameSpy Comrade

"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime

"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files

"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)

"{7F28246A-CEF7-46EF-8708-511A57FA5F2C}" = Evolution - The Genesis Project

"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{868D7896-99D4-4513-BC62-2B3AD3E24926}" = TuneUp Utilities 2006

"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4

"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr

"{8983409B-E79D-4712-ABDC-665052FF625B}" = Everlight

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS

"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday

"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini

"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui

"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM

"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync

"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt

"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch

"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch

"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP Professional 2007

"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK

"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4

"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4

"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI

"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT

"{BE686891-3C56-4714-AFEF-341A7867BA80}" = REALTEK USB Wireless LAN Driver and Utility

"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver

"{C1939820-A945-11D4-86F6-0001031E5712}" = InterVideo WinDVD

"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU

"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU

"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters

"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser

"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com

"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1

"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software

"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities

"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4

"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1

"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR

"{DD5B65F7-7CA5-4DE4-AEE7-7E8F26BF78F5}" = OpenOffice.org 2.3

"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4

"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer

"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX

"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips

"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup

"{EBACD371-EA18-4BBF-B505-1BA015C9DF3F}_is1" = Race On Offline

"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase

"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack

"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK

"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4

"{F8B98EB6-FC06-45BF-87D4-9784E0408611}" = ACDSee 10 Photo Manager

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS

"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs

"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"Adobe Acrobat 5.0" = Adobe Acrobat 5.0

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4

"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"AVS Media Player_is1" = AVS Media Player 3.1

"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3

"CCleaner" = CCleaner

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"Counter-Strike Source_is1" = Counter-Strike Source v1.0.0.22

"CubeDesktop" = CubeDesktop 1.3.1

"CursorXP" = CursorXP

"DAEMON Tools Toolbar" = DAEMON Tools Toolbar

"DivX Setup.divx.com" = DivX-Setup

"EADM" = EA Download Manager

"Easypano panowalker_is1" = panowalker

"ESET Online Scanner" = ESET Online Scanner v3

"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60

"Fiesta Online" = Fiesta Online 1.01.004

"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 4.2

"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.08

"Free YouTube Converter_is1" = Free YouTube Converter

"Free YouTube Download_is1" = Free YouTube Download 2.3

"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1

"FXhome EffectsLab Lite" = FXhome EffectsLab Lite (remove only)

"GTR Evolution_1.1.1.2_is1" = GTR Evolution

"heroes in the sky" = heroes in the sky

"HijackThis" = HijackThis 2.0.2

"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0

"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters

"IsoBuster_is1" = IsoBuster 2.5

"Logitech Resource Center" = Logitech Resource Center

"MAGIX Fotobuch" = MAGIX Fotobuch 3.2

"MAGIX Music Maker 14 Producer Edition Download version US" = MAGIX Music Maker 14 Producer Edition Download version 13.0.2.1 (US)

"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)

"MAGIX Screenshare US" = MAGIX Screenshare 4.3.6.1987 (US)

"MAGIX Video deluxe 2008 PLUS D" = MAGIX Video deluxe 2008 PLUS 7.5.0.20 (D)

"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6 6.0.22.0 (D)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)

"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition

"NeroVision!UninstallKey" = NeroVision Express 2

"NMPUninstallKey" = Nero Media Player

"NVIDIA Drivers" = NVIDIA Drivers

"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager

"OpenAL" = OpenAL

"OPERATION7" = OPERATION7

"PhotoScape" = PhotoScape

"PowerISO" = PowerISO

"Project Vii ICQ Skin - isnichwahr.de Edition" = Project Vii ICQ Skin - isnichwahr.de Edition

"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10

"PunkBusterSvc" = PunkBuster Services

"Reason4_is1" = Reason 4.0

"Resolume Avenue 3.2.0_is1" = Resolume Avenue 3.2.0

"RocketDock_is1" = RocketDock 1.3.5

"Security Task Manager" = Security Task Manager 1.7h

"Seven Transformation Pack" = Seven Transformation Pack 4.0

"Silent Hill 2_is1" = Silent Hill 2

"Silent Hill 3_is1" = Silent Hill 3

"Silent Hill 4_is1" = Silent Hill 4

"Silent Hill 5_is1" = Silent Hill 5

"Silent Hill_is1" = Silent Hill

"TeamViewer 4" = TeamViewer 4

"Trillian" = Trillian

"TuneUp Utilities" = TuneUp Utilities

"Unlocker" = Unlocker 1.9.0

"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions

"Vista Transformation Pack" = Vista Transformation Pack 8.0

"VLC media player" = VLC media player 0.9.8a

"WAV to MP3" = WAV to MP3

"Winamp" = Winamp

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"xp-AntiSpy" = xp-AntiSpy 3.97

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"UnityWebPlayer" = Unity Web Player

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 13.08.2010 11:16:07 | Computer Name = THEVIRUS | Source = MsiInstaller | ID = 1008

Description = Die Installation von C:\WINDOWS\Installer\7e21f54.msi ist aufgrund

 eines Fehlers in der Verarbeitung der Richtlinie für Softwareeinschränkungen nicht

 zugelassen. Das Objekt ist nicht vertrauenswürdig.

 

Error - 13.08.2010 11:16:07 | Computer Name = THEVIRUS | Source = MsiInstaller | ID = 1008

Description = Die Installation von C:\WINDOWS\Installer\44ee181.msi ist aufgrund

 eines Fehlers in der Verarbeitung der Richtlinie für Softwareeinschränkungen nicht

 zugelassen. Das Objekt ist nicht vertrauenswürdig.

 

Error - 13.08.2010 11:16:07 | Computer Name = THEVIRUS | Source = MsiInstaller | ID = 1008

Description = Die Installation von C:\WINDOWS\Installer\44ee181.msi ist aufgrund

 eines Fehlers in der Verarbeitung der Richtlinie für Softwareeinschränkungen nicht

 zugelassen. Das Objekt ist nicht vertrauenswürdig.

 

Error - 13.08.2010 11:16:07 | Computer Name = THEVIRUS | Source = MsiInstaller | ID = 1008

Description = Die Installation von C:\WINDOWS\Installer\7e21f42.msi ist aufgrund

 eines Fehlers in der Verarbeitung der Richtlinie für Softwareeinschränkungen nicht

 zugelassen. Das Objekt ist nicht vertrauenswürdig.

 

Error - 13.08.2010 11:16:07 | Computer Name = THEVIRUS | Source = MsiInstaller | ID = 1008

Description = Die Installation von C:\WINDOWS\Installer\7e21f42.msi ist aufgrund

 eines Fehlers in der Verarbeitung der Richtlinie für Softwareeinschränkungen nicht

 zugelassen. Das Objekt ist nicht vertrauenswürdig.

 

Error - 13.08.2010 11:16:50 | Computer Name = THEVIRUS | Source = EventSystem | ID = 4609

Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während 

der internen Verarbeitung erkannt. HRESULT war 8007043C von Zeile 44 von f:\xpsp3\com\com1x\src\events\tier1\eventsystemobj.cpp.

 Wenden Sie sich an den Microsoft-Produktsuppor

 

Error - 13.08.2010 11:22:36 | Computer Name = THEVIRUS | Source = MsiInstaller | ID = 1008

Description = Die Installation von C:\Programme\MSN\MSNCoreFiles\Install\MSN9Components\msnmsgs.msi

 ist aufgrund eines Fehlers in der Verarbeitung der Richtlinie für Softwareeinschränkungen

 nicht zugelassen. Das Objekt ist nicht vertrauenswürdig.

 

Error - 13.08.2010 11:23:14 | Computer Name = THEVIRUS | Source = MsiInstaller | ID = 1008

Description = Die Installation von C:\Programme\MSN\MSNCoreFiles\Install\MSN9Components\msnmsgs.msi

 ist aufgrund eines Fehlers in der Verarbeitung der Richtlinie für Softwareeinschränkungen

 nicht zugelassen. Das Objekt ist nicht vertrauenswürdig.

 

Error - 13.08.2010 11:24:06 | Computer Name = THEVIRUS | Source = MsiInstaller | ID = 1008

Description = Die Installation von C:\Programme\MSN\MSNCoreFiles\Install\MSN9Components\msnmsgs.msi

 ist aufgrund eines Fehlers in der Verarbeitung der Richtlinie für Softwareeinschränkungen

 nicht zugelassen. Das Objekt ist nicht vertrauenswürdig.

 

Error - 15.08.2010 19:22:42 | Computer Name = THEVIRUS | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung divxupdate.exe, Version 1.0.1.10, fehlgeschlagenes

 Modul msvcp80.dll, Version 8.0.50727.4053, Fehleradresse 0x000100b5.

 

[ System Events ]

Error - 13.08.2010 12:13:40 | Computer Name = THEVIRUS | Source = Srv | ID = 2000

Description = Der Aufruf eines Systemdienstes durch den Serverdienst ist unerwartet

 fehlgeschlagen.

 

Error - 13.08.2010 12:13:40 | Computer Name = THEVIRUS | Source = Srv | ID = 2000

Description = Der Aufruf eines Systemdienstes durch den Serverdienst ist unerwartet

 fehlgeschlagen.

 

Error - 13.08.2010 12:49:53 | Computer Name = THEVIRUS | Source = Service Control Manager | ID = 7034

Description = Dienst "TuneUp Drive Defrag-Dienst" wurde unerwartet beendet. Dies

 ist bereits 1 Mal passiert.

 

Error - 15.08.2010 13:59:04 | Computer Name = THEVIRUS | Source = Srv | ID = 2000

Description = Der Aufruf eines Systemdienstes durch den Serverdienst ist unerwartet

 fehlgeschlagen.

 

Error - 15.08.2010 13:59:04 | Computer Name = THEVIRUS | Source = Srv | ID = 2000

Description = Der Aufruf eines Systemdienstes durch den Serverdienst ist unerwartet

 fehlgeschlagen.

 

Error - 15.08.2010 17:49:29 | Computer Name = THEVIRUS | Source = Service Control Manager | ID = 7034

Description = Dienst "TuneUp Drive Defrag-Dienst" wurde unerwartet beendet. Dies

 ist bereits 1 Mal passiert.

 

Error - 15.08.2010 21:41:41 | Computer Name = THEVIRUS | Source = Service Control Manager | ID = 7031

Description = Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist

 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden

 durchgeführt: Starten Sie den Dienst neu..

 

Error - 15.08.2010 22:07:34 | Computer Name = THEVIRUS | Source = Service Control Manager | ID = 7034

Description = Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist

 bereits 1 Mal passiert.

 

Error - 16.08.2010 19:59:05 | Computer Name = THEVIRUS | Source = Service Control Manager | ID = 7034

Description = Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist

 bereits 1 Mal passiert.

 

Error - 17.08.2010 05:01:36 | Computer Name = THEVIRUS | Source = Service Control Manager | ID = 7034

Description = Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist

 bereits 1 Mal passiert.

 

 

< End of report >

--- --- ---