ComboFix 09-07-09.08 - Alex 11.07.2009 17:09.1.4 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.49.1031.18.2047.1178 [GMT 2:00]
ausgeführt von:: c:\users\Alex\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 081114-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1229 [VPS 081114-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows-Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-2979653160-3419397832-1766153521-500
c:\$recycle.bin\S-1-5-21-82469758-2491866950-3852801962-500
c:\users\Alex\AppData\Local\meoeasu.dat
c:\users\Alex\AppData\Local\meoeasu_nav.dat
c:\users\Alex\AppData\Local\meoeasu_navps.dat
c:\windows\Installer\18787f0.msi
E:\install.exe
.
((((((((((((((((((((((( Dateien erstellt von 2009-06-11 bis 2009-07-11 ))))))))))))))))))))))))))))))
.
2009-07-11 15:14 . 2009-07-11 15:14 -------- d-----w- c:\users\Alex\AppData\Local\temp
2009-07-11 14:17 . 2009-07-11 14:17 -------- d-----w- c:\users\Alex\AppData\Roaming\Malwarebytes
2009-07-11 14:17 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-11 14:17 . 2009-07-11 14:17 -------- d-----w- c:\programdata\Malwarebytes
2009-07-11 14:17 . 2009-07-11 15:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-11 14:17 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-11 14:12 . 2009-07-11 14:12 -------- d-----w- c:\program files\CCleaner
2009-07-11 13:45 . 2009-07-11 13:45 -------- d-----w- c:\program files\Trend Micro
2009-07-11 09:54 . 2006-02-10 13:51 1391040 ----a-w- c:\windows\system32\drivers\cmudaxu.sys
2009-07-11 09:54 . 2006-01-03 14:07 61440 ----a-w- c:\windows\system\cmsnxeye.exe
2009-07-11 09:54 . 2005-12-21 16:41 253952 ----a-w- c:\windows\system32\cmdrvrmu.exe
2009-07-11 09:54 . 2005-03-07 16:29 45056 ----a-w- c:\windows\system32\cmdrvrmu.dll
2009-07-11 09:54 . 2004-04-14 13:28 315392 ----a-w- c:\windows\system\cmifltr.dll
2009-07-11 09:54 . 2004-02-18 16:19 16384 ----a-w- c:\windows\system32\cmpropu.dll
2009-07-11 09:54 . 2004-02-13 17:39 98304 ----a-w- c:\windows\system32\cmudau.dll
2009-07-11 09:54 . 2002-04-29 17:04 917504 ----a-w- c:\windows\system\cmds3du.dll
2009-07-11 09:54 . 2001-11-23 14:08 712704 ----a-w- c:\windows\system32\a3dpropu.dll
2009-07-11 09:54 . 2001-11-23 14:08 712704 ----a-w- c:\windows\system32\a3d.dll
2009-07-11 09:54 . 2005-12-07 18:20 258048 ------r- c:\windows\CmiUSB2Uninstall.exe
2009-07-11 09:53 . 2009-07-11 09:54 -------- d-----w- c:\program files\Trust HS-6400 5.1 Surround USB Headset
2009-07-10 16:56 . 2007-03-26 19:39 65536 ----a-w- c:\windows\system32\CmiInstallResAll.dll
2009-07-10 16:56 . 2007-01-16 15:49 65536 ----a-w- c:\windows\VMix.dll
2009-07-10 16:56 . 2009-07-10 16:56 -------- d-----w- C:\download
2009-07-02 20:57 . 2009-07-02 20:57 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-21 00:34 . 2009-06-21 00:34 -------- d-----w- c:\program files\iPod
2009-06-21 00:34 . 2009-06-21 00:34 -------- d-----w- c:\program files\iTunes
2009-06-21 00:27 . 2009-06-21 00:27 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-20 08:41 . 2009-06-24 11:25 -------- d-----w- c:\program files\City Interactive
2009-06-14 07:21 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-06-14 07:21 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-11 15:11 . 2009-04-20 07:37 -------- d-----w- c:\users\Alex\AppData\Roaming\DNA
2009-07-11 15:01 . 2009-02-20 23:48 -------- d-----w- c:\program files\Runes of Magic
2009-07-11 12:54 . 2008-11-16 02:04 89 ----a-w- c:\users\Alex\AppData\Local\avbeq.bat
2009-07-10 17:01 . 2009-05-01 02:29 -------- d-----w- c:\programdata\Google Updater
2009-07-07 06:49 . 2009-04-25 02:41 -------- d-----w- c:\program files\Curse
2009-07-02 20:58 . 2008-07-11 10:29 -------- d-----w- c:\program files\DivX
2009-06-27 09:01 . 2008-07-17 19:39 -------- d-----w- c:\program files\ICQ6
2009-06-27 09:00 . 2008-07-14 06:04 -------- d-----w- c:\users\Alex\AppData\Roaming\Xfire
2009-06-21 02:28 . 2008-07-19 09:18 -------- d-----w- c:\users\Alex\AppData\Roaming\Apple Computer
2009-06-21 00:38 . 2008-11-06 00:18 -------- d-----w- c:\program files\Safari
2009-06-21 00:34 . 2008-07-19 09:16 -------- d-----w- c:\program files\Common Files\Apple
2009-06-21 00:34 . 2008-07-19 09:17 -------- d-----w- c:\programdata\Apple Computer
2009-06-20 08:13 . 2009-01-05 16:13 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-06-18 22:11 . 2007-11-07 06:31 618204 ----a-w- c:\windows\system32\perfh007.dat
2009-06-18 22:11 . 2007-11-07 06:31 122442 ----a-w- c:\windows\system32\perfc007.dat
2009-06-18 21:56 . 2009-01-05 16:13 -------- d-----w- c:\program files\World of Warcraft
2009-06-18 21:50 . 2007-11-06 22:26 -------- d---a-w- c:\program files\Common Files\LightScribe
2009-06-18 21:49 . 2009-06-07 15:06 -------- d-----w- c:\program files\Leap Free Download YouTube Video Converter
2009-06-18 21:48 . 2008-12-12 19:49 -------- d-----w- c:\programdata\Droppix
2009-06-18 20:25 . 2009-03-17 10:11 -------- d-----w- c:\program files\Steam
2009-06-17 16:47 . 2009-03-17 10:11 -------- d-----w- c:\program files\Common Files\Steam
2009-06-11 01:06 . 2008-12-04 14:41 -------- d-----w- c:\programdata\Microsoft Help
2009-06-11 01:05 . 2007-11-06 22:29 -------- d-----w- c:\program files\Microsoft Works
2009-06-07 15:42 . 2009-06-07 15:42 -------- d-----w- c:\program files\QuickTime
2009-06-07 15:06 . 2008-09-03 03:14 -------- d-----w- c:\program files\ffdshow
2009-05-31 09:08 . 2008-07-02 14:02 91240 ----a-w- c:\users\Alex\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-28 11:46 . 2008-07-11 10:40 -------- d-----w- c:\users\Alex\AppData\Roaming\Tobit
2009-05-28 11:35 . 2007-11-06 22:27 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-05-28 11:35 . 2007-11-06 22:16 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-28 11:30 . 2008-08-25 08:59 -------- d-----w- c:\program files\Mumble
2009-05-28 11:28 . 2007-11-06 22:35 -------- d-----w- c:\program files\Google
2009-05-28 11:25 . 2008-11-30 11:34 -------- d-----w- c:\program files\Alt WAV MP3 WMA OGG Converter
2009-05-27 12:53 . 2009-05-27 12:51 119478 ----a-w- c:\windows\hpqins00.dat
2009-05-23 13:07 . 2009-05-23 13:07 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-21 10:12 . 2008-09-26 23:22 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-20 20:19 . 2009-05-20 20:18 -------- d-----w- c:\program files\buffed
2009-05-13 12:08 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-04-24 16:05 . 2009-06-10 20:11 827904 ----a-w- c:\windows\system32\wininet.dll
2009-04-24 16:02 . 2009-06-10 20:11 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-24 13:44 . 2009-06-10 20:11 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-04-23 12:43 . 2009-06-10 20:11 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:42 . 2009-06-10 20:11 636928 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 11:55 . 2009-06-10 20:11 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-03-11 20:06 . 2009-03-11 20:06 23 --sha-w- c:\windows\System32\edacded0_x.dat
2007-11-07 06:46 . 2007-11-07 06:32 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 11:22 1172792 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-02-24 3558136]
"BitTorrent DNA"="c:\users\Alex\Program Files\DNA\btdna.exe" [2009-04-20 318272]
"CurseClient"="c:\program files\Curse\CurseClient.exe" [2009-07-07 1966592]
"BLASC"="c:\program files\buffed\BLASC.exe" [2009-05-20 2247168]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 71176]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-01-10 92704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-01-10 8530464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-01-10 88608]
"AVMWlanClient"="c:\program files\avmwlanstick\wlangui.exe" [2007-12-19 1748992]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-15 4874240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ClipIncSrvTray"="c:\program files\Tobit ClipInc\Player\ClipIncTray.exe"
"HPAdvisor"=c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun

[HKEY_LOCAL_MACHINE\software\microsoft\security 
center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{18B6CA2E-793E-4FBD-98E9-9F811E87B6F7}"= UDP:c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM "{8F197EC9-26B4-4E32-B8A1-E21B5997819A}"= TCP:c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM "{4B1F2BD0-D871-4D88-BC11-C2615A3E178D}"= UDP:c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server "{CDBBF7CC-7801-451C-A045-2A6732503765}"= TCP:c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server "{D822A7E3-BCDF-4342-9131-B8DAA5F6F97E}"= UDP:c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service "{A6D03147-2901-4437-986D-65034A1FF578}"= TCP:c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service "{DB65EA73-4838-44E6-B8E6-F9F1CABBF311}"= TCP:9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery "{D72BCCCE-02B2-4FEC-9A4A-5E8FE7D59D6A}"= TCP:1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery "TCP Query User{5EC9A0C3-D4B6-4116-A5BC-5AB13C11DED3}c:\\program files\\zattoo\\zattood.exe"= UDP:c:\program files\zattoo\zattood.exe:zattood "UDP Query User{32823EAB-60F6-4FE8-9474-826AD339B094}c:\\program files\\zattoo\\zattood.exe"= TCP:c:\program files\zattoo\zattood.exe:zattood "TCP Query User{D4D0DDD6-187D-47A2-B702-AF5C18FAEBFC}c:\\program 
files\\zattoo\\zattoo.exe"= UDP:c:\program files\zattoo\zattoo.exe: "UDP Query User{89BF80BE-C0CD-43A8-8329-5105F9943049}c:\\program files\\zattoo\\zattoo.exe"= TCP:c:\program files\zattoo\zattoo.exe: "TCP Query User{1E661785-2DFA-4F44-92EA-55888F49F961}c:\\program files\\city interactive\\code of honor 2\\game.exe"= UDP:c:\program files\city interactive\code of honor 2\game.exe:game "UDP Query User{7FAE5771-6AD6-4425-BC64-364B247AA7A1}c:\\program files\\city interactive\\code of honor 2\\game.exe"= TCP:c:\program files\city interactive\code of honor 2\game.exe:game "TCP Query User{5CD1A758-FE4D-4F42-9A96-A917884B167D}c:\\program files\\steam\\steamapps\\shadowhunter1989\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\shadowhunter1989\counter-strike source\hl2.exe:hl2 "UDP Query User{491D6E34-3A32-463C-A77F-F4BD04486A19}c:\\program files\\steam\\steamapps\\shadowhunter1989\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\shadowhunter1989\counter-strike source\hl2.exe:hl2 "{07B0EE3D-3852-4AA8-8D70-FDD593678E74}"= UDP:Profile=Private|Profile=Public|c:\program files\Tobit ClipInc\Server\ClipInc-Server.exe:ClipInc Server "{7EC72D51-BDF3-48F3-A583-C64BD1339C7B}"= TCP:Profile=Private|Profile=Public|c:\program files\Tobit ClipInc\Server\ClipInc-Server.exe:ClipInc Server "{73924A6B-66EF-4066-8892-A914C33A4B20}"= UDP:Profile=Private|Profile=Public|c:\program files\Tobit ClipInc\Player\ClipInc-Player.exe:ClipInc Player "{4265568A-9B00-48F0-929C-D63B25DF5BDF}"= TCP:Profile=Private|Profile=Public|c:\program files\Tobit ClipInc\Player\ClipInc-Player.exe:ClipInc Player "TCP Query User{78B2FA9F-7C34-4AB3-89BA-C295A3B763B9}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire "UDP Query User{5AE37A89-AF55-4490-A427-1ED125C448D3}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire "TCP Query User{60F80B6E-3D70-48F2-9E49-68ABCA714951}c:\\program files\\icq6\\icq.exe"= UDP:c:\program 
files\icq6\icq.exe:ICQ Library "UDP Query User{B27B821F-7329-4C7C-A3EB-7B74258E06BA}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library "TCP Query User{3729E9D5-9E1A-48A1-8FBA-1C138C0EE698}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{30DB76E6-4D64-4C0F-B3A1-25DAB320AD37}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox "{0AC03B37-64A1-4637-A0AA-4793F84E9518}"= UDP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager "{0AA9C5C9-4D1F-491B-80EA-CBC1F33DD264}"= TCP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager "{57997FC3-9683-40DB-9102-42CDB4913960}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{DAA6D54D-D082-4A65-8486-1D43BEB27FA5}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes "TCP Query User{16E3362D-F7FA-4E02-9311-462B79A153B4}c:\\program files\\steam\\steamapps\\shadowhunter1989\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\shadowhunter1989\counter-strike\hl.exe:Half-Life Launcher "UDP Query User{7B0885EE-38C6-44F0-ADDE-B1F07D1D62B3}c:\\program files\\steam\\steamapps\\shadowhunter1989\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\shadowhunter1989\counter-strike\hl.exe:Half-Life Launcher "{0D868C0C-D53C-447D-A042-2D68280609D8}"= UDP:c:\program files\Atari\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main "{37C141C5-EA99-48DA-90CC-BE97DDC48FCA}"= TCP:c:\program files\Atari\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main "{A0212521-8226-4AFE-964A-D0851267518A}"= UDP:c:\program files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD "{C148C2CE-6A62-4856-8992-CBFC4AB823B4}"= TCP:c:\program files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD "{10C1ABD2-ED34-420E-9B82-4535788A7646}"= UDP:c:\program files\Atari\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater 
"{476BF631-7945-41C4-B408-E46D6BFE73DE}"= TCP:c:\program files\Atari\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater "{B5E18819-3FEA-436B-834E-E7FAED77393E}"= UDP:c:\program files\Atari\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server "{9F347B29-48DF-4E85-ADD0-F42033DFF77E}"= TCP:c:\program files\Atari\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server "TCP Query User{8602B359-E5D5-4AD9-96C4-3F22FF92C759}c:\\program files\\steam\\steamapps\\shadowhunter1989\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\shadowhunter1989\condition zero\hl.exe:Half-Life Launcher "UDP Query User{DF544025-B62D-4A7E-93CC-B29377FAD1EC}c:\\program files\\steam\\steamapps\\shadowhunter1989\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\shadowhunter1989\condition zero\hl.exe:Half-Life Launcher "TCP Query User{F3A0F81B-3F6A-4343-B03D-DE0594AD10E5}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire "UDP Query User{B822EC64-0488-467F-A40A-43FDEA4B76E9}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire "TCP Query User{037D44FA-1B9A-48DE-9A1A-821A171D11AC}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library "UDP Query User{5C15CEEF-CCE7-40DE-A549-124A209D657A}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library "TCP Query User{5C054E0E-31C4-494F-81A5-BE8C26BE8727}c:\\users\\alex\\appdata\\local\\octoshape\\octoshape streaming services\\octoshapeclient.exe"= UDP:c:\users\alex\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe:octoshapeclient.exe "UDP Query User{291EF690-A126-48D3-BAE6-3FE7CD5306B4}c:\\users\\alex\\appdata\\local\\octoshape\\octoshape streaming services\\octoshapeclient.exe"= TCP:c:\users\alex\appdata\local\octoshape\octoshape streaming services\octoshapeclient.exe:octoshapeclient.exe "TCP Query User{16DD3FE6-0EFA-4334-8B76-1A6E31B578DA}c:\\program 
files\\zattoo\\zattood.exe"= UDP:c:\program files\zattoo\zattood.exe:zattood "UDP Query User{113991AF-E405-47A0-A6AF-3C2FDF15ADAE}c:\\program files\\zattoo\\zattood.exe"= TCP:c:\program files\zattoo\zattood.exe:zattood "TCP Query User{48A00C84-D599-4A7E-94A0-6AD2154F8497}c:\\program files\\zattoo\\zattoo.exe"= UDP:c:\program files\zattoo\zattoo.exe: "UDP Query User{9420F1B3-E6C5-40CF-9E96-87816EBF6888}c:\\program files\\zattoo\\zattoo.exe"= TCP:c:\program files\zattoo\zattoo.exe: "TCP Query User{08898FDF-1D26-4D74-9C10-D868C1B38F95}c:\\program files\\steam\\steamapps\\shadowhunter1989\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\shadowhunter1989\counter-strike\hl.exe:Half-Life Launcher "UDP Query User{BE865D28-3DC0-4281-A936-7EEE1D6EFB39}c:\\program files\\steam\\steamapps\\shadowhunter1989\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\shadowhunter1989\counter-strike\hl.exe:Half-Life Launcher "TCP Query User{094BFCA4-718B-456E-BCFF-07AA25D9077A}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{B45FB8D0-E5F6-431D-87BB-8D3AD5BE18EB}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox "TCP Query User{2C2CD03A-2FE2-49F5-800E-81EB9E5CD4B8}c:\\program files\\steam\\steamapps\\shadowhunter1989\\condition zero deleted scenes\\hl.exe"= UDP:c:\program files\steam\steamapps\shadowhunter1989\condition zero deleted scenes\hl.exe:Half-Life Launcher "UDP Query User{0BB5B77B-10ED-4BC0-9062-67C9BE34A73E}c:\\program files\\steam\\steamapps\\shadowhunter1989\\condition zero deleted scenes\\hl.exe"= TCP:c:\program files\steam\steamapps\shadowhunter1989\condition zero deleted scenes\hl.exe:Half-Life Launcher "TCP Query User{2A46FADC-B44F-4ACC-8287-B17F2C9CAF07}c:\\program files\\steam\\steamapps\\shadowhunter1989\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\shadowhunter1989\counter-strike 
source\hl2.exe:hl2 "UDP Query User{3BD710A8-266F-4797-84A0-F7DA12629E96}c:\\program files\\steam\\steamapps\\shadowhunter1989\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\shadowhunter1989\counter-strike source\hl2.exe:hl2 "TCP Query User{AFDBF1D0-A658-442C-8E81-EBC6916CB25E}c:\\users\\alex\\appdata\\roaming\\macromedia\\flash player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"= UDP:c:\users\alex\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe:octoshape.exe "UDP Query User{7008C808-7B65-4E21-B650-2D2A84C9FBD9}c:\\users\\alex\\appdata\\roaming\\macromedia\\flash player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"= TCP:c:\users\alex\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe:octoshape.exe "TCP Query User{02DDA742-B52D-41B8-8F57-16B26E87C1F5}c:\\program files\\teamspeak2_rc2\\server_windows.exe"= UDP:c:\program files\teamspeak2_rc2\server_windows.exe:Server "UDP Query User{602889AE-B9B6-42B9-822A-A74E062A5C5C}c:\\program files\\teamspeak2_rc2\\server_windows.exe"= TCP:c:\program files\teamspeak2_rc2\server_windows.exe:Server "{AB08A1EF-5FAC-4F26-9CB9-3891EE288175}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "TCP Query User{1D9343A7-1C4A-4DCD-AB05-CCD0965AEA7C}c:\\program files\\steam\\steamapps\\shadowhunter1989\\zombie panic! source\\hl2.exe"= UDP:c:\program files\steam\steamapps\shadowhunter1989\zombie panic! source\hl2.exe:hl2 "UDP Query User{6B5AB64D-7449-41B5-83D7-D38DF0613986}c:\\program files\\steam\\steamapps\\shadowhunter1989\\zombie panic! source\\hl2.exe"= TCP:c:\program files\steam\steamapps\shadowhunter1989\zombie panic! 
source\hl2.exe:hl2 "TCP Query User{66A2647D-96E0-48F0-AB0C-3553F26A162B}c:\\program files\\steam\\steamapps\\shadowhunter1989\\age of chivalry\\hl2.exe"= UDP:c:\program files\steam\steamapps\shadowhunter1989\age of chivalry\hl2.exe:hl2 "UDP Query User{285A6573-F3D1-4F62-AE57-56F0D5A5AAE9}c:\\program files\\steam\\steamapps\\shadowhunter1989\\age of chivalry\\hl2.exe"= TCP:c:\program files\steam\steamapps\shadowhunter1989\age of chivalry\hl2.exe:hl2 "TCP Query User{696466ED-67DA-4A76-94CF-26750F0BD486}c:\\program files\\steam\\steamapps\\shadowhunter1989\\day of defeat\\hl.exe"= UDP:c:\program files\steam\steamapps\shadowhunter1989\day of defeat\hl.exe:Half-Life Launcher "UDP Query User{10A3F3AC-CC38-4AEA-BF3D-53619CB31A8A}c:\\program files\\steam\\steamapps\\shadowhunter1989\\day of defeat\\hl.exe"= TCP:c:\program files\steam\steamapps\shadowhunter1989\day of defeat\hl.exe:Half-Life Launcher "TCP Query User{E3D8CF1B-73CC-44BE-BDD1-50DDD119F8AB}c:\\program files\\steam\\steamapps\\shadowhunter1989\\day of defeat source\\hl2.exe"= UDP:c:\program files\steam\steamapps\shadowhunter1989\day of defeat source\hl2.exe:hl2 "UDP Query User{3667D59B-D848-4231-AB25-EB0CD3718D98}c:\\program files\\steam\\steamapps\\shadowhunter1989\\day of defeat source\\hl2.exe"= TCP:c:\program files\steam\steamapps\shadowhunter1989\day of defeat source\hl2.exe:hl2 "{B42F0EFB-E432-4EF9-A98E-601388E6C6A4}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{6CE028A1-B0B4-42DE-9BFB-2C7FD6FAD32B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "TCP Query User{C11CA77A-6FC0-497D-B355-6D6F1A8734F2}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client "UDP Query User{514BF26F-83F5-438F-AA8D-F7BB5E3E0785}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client "TCP Query User{2D295FC3-BB19-4751-A037-543847669E9E}c:\\program 
files\\steam\\steamapps\\adam19894\\zombie panic! source\\hl2.exe"= UDP:c:\program files\steam\steamapps\adam19894\zombie panic! source\hl2.exe:hl2 "UDP Query User{972ED2A3-9022-46A0-AF02-EAFAE49018AC}c:\\program files\\steam\\steamapps\\adam19894\\zombie panic! source\\hl2.exe"= TCP:c:\program files\steam\steamapps\adam19894\zombie panic! source\hl2.exe:hl2 "TCP Query User{3CB9128B-B345-493F-BDBF-54DF022FB1AF}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client "UDP Query User{BA0E928B-03C5-40FF-925D-FBC26D7F665B}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client "TCP Query User{B6C59E01-5800-4336-93A8-0350544EA525}c:\\program files\\steam\\steamapps\\adam19894\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\adam19894\condition zero\hl.exe:Half-Life Launcher "UDP Query User{D07E4663-DDCD-4DEE-8DBC-0C66F36A1911}c:\\program files\\steam\\steamapps\\adam19894\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\adam19894\condition zero\hl.exe:Half-Life Launcher "TCP Query User{816ECC20-DAA8-47CF-BF29-ABA148FA4867}c:\\program files\\steam\\steamapps\\adam19894\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\adam19894\condition zero\hl.exe:Half-Life Launcher "UDP Query User{D40CECCF-13A9-42A7-B4AF-0F8A66114A95}c:\\program files\\steam\\steamapps\\adam19894\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\adam19894\condition zero\hl.exe:Half-Life Launcher "TCP Query User{470E22D4-06E1-48CD-9E39-3968B613463B}c:\\program files\\steam\\steamapps\\adam19894\\condition zero deleted scenes\\hl.exe"= UDP:c:\program files\steam\steamapps\adam19894\condition zero deleted scenes\hl.exe:Half-Life Launcher "UDP Query User{424B924D-CC80-46E0-9C7A-2DB9F8D3C45C}c:\\program files\\steam\\steamapps\\adam19894\\condition zero deleted scenes\\hl.exe"= TCP:c:\program 
files\steam\steamapps\adam19894\condition zero deleted scenes\hl.exe:Half-Life Launcher "TCP Query User{37617981-1816-4563-ACAF-5F57AA672497}c:\\program files\\steam\\steamapps\\adam19894\\counter-strike beta\\hl.exe"= UDP:c:\program files\steam\steamapps\adam19894\counter-strike beta\hl.exe:Half-Life Launcher "UDP Query User{95CBFBA6-1BBA-42B1-A179-8E850082ABB8}c:\\program files\\steam\\steamapps\\adam19894\\counter-strike beta\\hl.exe"= TCP:c:\program files\steam\steamapps\adam19894\counter-strike beta\hl.exe:Half-Life Launcher "TCP Query User{D79DC117-E9B5-4B14-AC3F-974585E709E8}c:\\program files\\steam\\steamapps\\adam19894\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\adam19894\counter-strike\hl.exe:Half-Life Launcher "UDP Query User{7C47E839-2190-41C3-A273-129F4EE0FD97}c:\\program files\\steam\\steamapps\\adam19894\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\adam19894\counter-strike\hl.exe:Half-Life Launcher "{64449C1F-4636-4074-A4ED-EBD07A81C054}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{91FE0993-60B9-48C2-AA0D-8255FE2CE712}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "TCP Query User{BFD02325-9603-4938-B3AD-49EC417FF376}c:\\program files\\world of warcraft\\repair.exe"= UDP:c:\program files\world of warcraft\repair.exe:Blizzard Repair Utility "UDP Query User{DD91F2C8-00F6-46EB-B321-AC20B7F9CA4E}c:\\program files\\world of warcraft\\repair.exe"= TCP:c:\program files\world of warcraft\repair.exe:Blizzard Repair Utility "{B40DD8D5-35B1-4E7C-B9C6-D4D912432F0B}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player "{688CF5A5-DC3B-474F-B968-3BA5EB410893}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player "{E027EFA3-8E1E-4A21-9046-B14004B153ED}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{B456225C-89D2-4558-B419-210B0241A266}"= TCP:c:\program 
files\Bonjour\mDNSResponder.exe:Bonjour "TCP Query User{BE052329-0987-44CF-B02F-6F2CDA58F847}c:\\users\\alex\\program files\\dna\\btdna.exe"= UDP:c:\users\alex\program files\dna\btdna.exe:btdna.exe "UDP Query User{2427E519-1712-4930-A575-81105BEC6390}c:\\users\\alex\\program files\\dna\\btdna.exe"= TCP:c:\users\alex\program files\dna\btdna.exe:btdna.exe "TCP Query User{BD4C97F2-807F-4AF3-A95F-A29EC4FB72EB}c:\\program files\\curse\\curseclient.exe"= UDP:c:\program files\curse\curseclient.exe:CurseClient "UDP Query User{67AD5A9C-E359-49E1-9F0D-0230A0D63369}c:\\program files\\curse\\curseclient.exe"= TCP:c:\program files\curse\curseclient.exe:CurseClient "{B3FB6012-C87D-41D1-B657-CB8CDAB20293}"= UDP:c:\program files\Curse\CurseClient.exe:Curse Client "{FE17F6E4-12EC-496D-A634-849E85B6A0FA}"= TCP:c:\program files\Curse\CurseClient.exe:Curse Client "{8C3ED538-99D6-4661-93BA-9661ED41EE03}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{F9CEA04A-2C0A-484D-88F4-27222FED99F5}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes R1 aswSP;avast! 
Self Protection;c:\windows\System32\drivers\aswSP.sys [13.08.2008 23:28 114768] R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [13.08.2008 23:28 20560] R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [13.08.2008 23:28 51792] R2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [07.11.2007 00:36 554352] R2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [03.09.2006 11:32 208896] R2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [07.11.2007 00:28 198240] R2 TeamViewer;TeamViewer 3;c:\program files\TeamViewer3\TeamViewer_Host.exe [20.06.2008 13:14 181544] R3 cmudau32;C-Media USB UDA Sound Interface;c:\windows\System32\drivers\cmudaxu.sys [11.07.2009 11:54 1391040] R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\System32\drivers\netr73.sys [26.02.2008 09:17 493568] R3 PAC207;Trust WB-1400T Webcam;c:\windows\System32\drivers\PFC027.SYS [14.05.2007 10:26 508288] S2 gupdate1c9ca04c94c1f2e;Google Update Service (gupdate1c9ca04c94c1f2e);c:\program files\Google\Update\GoogleUpdate.exe [01.05.2009 04:30 133104] S2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe [10.05.2006 10:13 29696] S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\drivers\ASPI32.SYS [30.11.2008 13:34 84832] S3 avmeject;AVM Eject;c:\windows\System32\drivers\avmeject.sys [20.12.2007 01:04 4352] S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\System32\drivers\fwlanusb.sys [20.12.2007 01:04 265088] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . 
Inhalt des "geplante Tasks" Ordners

2009-07-11 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-02 02:29]

2009-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-01 02:30]

2009-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-01 02:30]

2009-07-09 c:\windows\Tasks\NeroLiveEpgUpdate-Alex-PC_Alex.job
- c:\program files\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 12:51]
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKCU-Run-LightScribe Control Panel - c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
HKLM-Run-CmUsbSound - cmcnfgu.cpl
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=Pavilion&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\vdvadogf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://aontacht-chaos.forencity.eu/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\users\Alex\Program Files\DNA\plugins\npbtdna.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

---- FIREFOX Richtlinien ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-11 17:14
Windows 6.0.6001 Service Pack 1 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2009-07-11 17:15
ComboFix-quarantined-files.txt 2009-07-11 15:15

Vor Suchlauf: 12 Verzeichnis(se), 383.691.481.088 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 383.683.317.760 Bytes frei

401 --- E O F --- 2009-07-09 16:06