Aus Sicherheitsgründen wurde Ihr Windows-System blockiert...

mamt1982 · 21.12.2011, 22:13

Sorry...den dritten schritt verstehe ich nicht ganz.kannst du ihn mit bitte nochmal erklären.

Würde dich gern darum bitten,mir zu sagen,auf welchem stand wir uns gerade befinden und was die Konvertierung nun bringen soll.

Viele Grüße

cosinus · 21.12.2011, 22:21

Zitat:

kannst du ihn mit bitte nochmal erklären.

Was ist denn daran nicht zu verstehen? convert will die Bezeichnung vom Laufwerk wissen und die sieht man im Arbeitsplatz!

Zitat:

und was die Konvertierung nun bringen soll.

FAT32 ist ein Uralt-DOS Dateisystem und hat auf einer Systempartition (auf der wo Windows installiert ist) NICHTS verloren

mamt1982 · 21.12.2011, 22:27

Super..alles klar.danke!

mamt1982 · 22.12.2011, 00:04

so..erledigt.

warte auf weitere instruktionen

danke

cosinus · 22.12.2011, 10:37

Mach ein neues OTL Log

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf .
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

mamt1982 · 22.12.2011, 21:14

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 22.12.2011 20:59:21 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Dokumente und Einstellungen\Kiss\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,04 Mb Total Physical Memory | 531,23 Mb Available Physical Memory | 51,98% Memory free
2,40 Gb Paging File | 1,98 Gb Available in Paging File | 82,50% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 53,21 Gb Total Space | 13,20 Gb Free Space | 24,81% Space Free | Partition Type: NTFS
Drive D: | 53,70 Gb Total Space | 14,77 Gb Free Space | 27,50% Space Free | Partition Type: NTFS
 
Computer Name: JK | User Name: Kiss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.22 20:56:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Kiss\Desktop\OTL.exe
PRC - [2011.12.21 18:06:14 | 000,500,224 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Dokumente und Einstellungen\Kiss\Lokale Einstellungen\temp\RtkBtMnt.exe
PRC - [2011.11.22 14:20:34 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.11.22 14:20:18 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.11.22 14:20:06 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.11.22 14:20:06 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.04.14 03:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.04.03 16:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2006.05.09 11:54:26 | 000,352,256 | ---- | M] (Acer Incorporated) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2006.02.17 15:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
PRC - [2006.01.24 18:00:08 | 000,397,312 | ---- | M] (acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
PRC - [2005.10.24 16:40:52 | 001,314,816 | ---- | M] (Avocent Inc.) -- C:\Acer\Empowering Technology\admServ.exe
PRC - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.08 21:32:00 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_db202c66\mscorlib.dll
MOD - [2011.12.08 21:31:56 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_bf0e143b\system.drawing.dll
MOD - [2011.12.08 21:31:16 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_0cb47c7c\system.windows.forms.dll
MOD - [2011.12.08 21:30:38 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_f6eff8d4\system.dll
MOD - [2011.12.08 21:30:26 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2011.11.22 14:20:20 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011.02.04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008.04.14 03:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.04.03 16:18:26 | 000,197,672 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll
MOD - [2007.03.06 16:40:04 | 000,118,784 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2006.01.20 15:56:00 | 000,208,896 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\DialogDLL.dll
MOD - [2006.01.20 15:56:00 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2005.10.19 10:17:58 | 000,073,728 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\atiacmxx.dll
MOD - [2005.09.05 16:31:56 | 000,229,472 | ---- | M] () -- C:\Acer\Empowering Technology\NetMonitor.dll
MOD - [2005.08.03 22:32:08 | 000,125,440 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2003.06.14 19:40:18 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2003.06.14 19:40:18 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2003.06.14 19:39:36 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (AviraUpgradeService)
SRV - [2011.11.22 14:20:18 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.11.22 14:20:06 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007.04.03 16:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2007.02.08 16:13:46 | 000,212,480 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006.11.23 16:45:46 | 000,024,072 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006.02.17 15:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005.11.14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005.10.24 16:40:52 | 001,314,816 | ---- | M] (Avocent Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\admServ.exe -- (AWService)
SRV - [2004.01.05 11:47:48 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2003.07.28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.11.22 14:20:34 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.11.22 14:20:34 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.11.22 14:20:34 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.21 10:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2010.06.17 14:14:28 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.11 13:02:16 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009.10.07 10:49:50 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009.10.07 10:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam E3500(UVC)
DRV - [2009.10.07 10:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009.10.07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008.04.13 19:56:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008.04.13 19:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.02.28 21:44:56 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.06.02 18:07:58 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2007.04.27 04:01:34 | 002,203,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007.04.03 16:17:08 | 000,306,295 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2007.02.21 12:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007.02.08 12:56:20 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1unic.sys -- (sea1unic) Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM)
DRV - [2007.02.08 12:56:06 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1obex.sys -- (sea1obex)
DRV - [2007.02.08 12:56:02 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1nd5.sys -- (sea1nd5) Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS)
DRV - [2007.02.08 12:56:00 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1mgmt.sys -- (sea1mgmt) Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM)
DRV - [2007.02.08 12:55:52 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1mdm.sys -- (sea1mdm)
DRV - [2007.02.08 12:55:50 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1mdfl.sys -- (sea1mdfl)
DRV - [2007.02.08 12:55:40 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1bus.sys -- (sea1bus) Sony Ericsson Device 0A1 driver (WDM)
DRV - [2007.01.31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007.01.18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2007.01.14 01:01:10 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2006.05.03 21:50:54 | 001,522,688 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.04.05 23:20:44 | 004,258,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.01.23 12:41:04 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd)
DRV - [2006.01.23 12:41:04 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd)
DRV - [2005.12.12 20:12:02 | 000,049,664 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2005.12.06 17:50:10 | 000,015,744 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidsmsc.sys -- (SMCB000)
DRV - [2005.11.30 05:28:58 | 001,088,896 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv321av.sys -- (lv321av) Logitech USB PC Camera (VC0321)
DRV - [2005.11.30 05:25:06 | 000,039,424 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005.11.26 16:36:08 | 001,427,968 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005.11.08 00:12:18 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.11.08 00:11:34 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005.11.08 00:11:30 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.11.03 15:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.10.15 18:20:44 | 000,012,106 | ---- | M] (OSA Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys -- (OsaFsLoc)
DRV - [2005.09.13 15:34:40 | 000,004,392 | ---- | M] (OSA Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisFilt.sys -- (NdisFilt)
DRV - [2005.08.25 20:10:02 | 000,509,312 | ---- | M] (AVerMedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVerE506.sys -- (AVerE506)
DRV - [2005.08.24 07:07:24 | 000,692,992 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVerM115.sys -- (AVerM115)
DRV - [2005.08.10 13:44:06 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.06.30 16:58:24 | 000,007,296 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2005.06.22 18:16:08 | 000,162,176 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005.05.16 14:20:40 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.05.02 12:13:42 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETMNT.sys -- (NETMNT)
DRV - [2005.04.05 01:38:32 | 000,132,352 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005.02.11 11:24:24 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005.02.11 11:22:48 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.02.11 11:21:10 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.02.11 11:21:02 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.02.11 11:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2005.01.14 15:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm)
DRV - [2005.01.13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)
DRV - [2004.12.09 14:54:12 | 000,046,592 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2004.08.10 20:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.10 20:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 E0 BB 44 03 C0 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.3
FF - prefs.js..extensions.enabledItems: videofinder@veoh.com:1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohPlayer: C:\Programme\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll (Veoh Networks Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2007.01.14 13:04:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2007.01.14 13:04:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\videofinder@veoh.com: C:\Programme\Veoh Networks\Veoh\Plugins\noreg\VideoFinder4 [2008.08.10 00:10:04 | 000,000,000 | ---D | M]
 
[2008.06.30 08:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Extensions
[2007.01.14 13:05:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla\Firefox\Profiles\ov2d0eu9.default\extensions
[2007.01.14 13:04:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.11.08 18:26:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\KISS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\OV2D0EU9.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\KISS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\OV2D0EU9.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\KISS\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\OV2D0EU9.DEFAULT\EXTENSIONS\UNPLUG@COMPUNACH.XPI
[2011.03.23 16:11:00 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.12.08 17:39:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.11.09 22:41:22 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.06 11:50:18 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.06 11:50:18 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.10.06 11:50:18 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.06 11:50:18 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.06 11:50:18 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.06 11:50:18 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.12.19 20:32:38 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Incorporated)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk = C:\WINDOWS\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - C:\Programme\iMacros\imacros.dll (iOpus Software GmbH)
O9 - Extra 'Tools' menuitem : iMacros Web Automation - {0483894E-2422-45E0-8384-021AFF1AF3CD} - Reg Error: Value error. File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A43C6FA-536F-4D6B-9BF4-3F137FEF8627}: NameServer = 134.245.1.36,134.245.10.7
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Kiss\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Kiss\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - Services: "wuauserv"
MsConfig - Services: "SharedAccess"
MsConfig - Services: "wscsvc"
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^Kiss^Startmenü^Programme^Autostart^PowerReg Scheduler.exe -  - File not found
MsConfig - StartUpReg: Acer ePower Management - hkey= - key= - C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe (Acer Value Labs, Taiwan)
MsConfig - StartUpReg: ADMTray.exe - hkey= - key= - C:\Acer\Empowering Technology\admtray.exe (Avocent Inc.)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: ATICCC - hkey= - key= - C:\Programme\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
MsConfig - StartUpReg: AzMixerSel - hkey= - key= - C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: DAEMON Tools Pro Agent - hkey= - key= - C:\Programme\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd.)
MsConfig - StartUpReg: ePower_DMC - hkey= - key= - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Incorporated)
MsConfig - StartUpReg: eRecoveryService - hkey= - key= - C:\Acer\Empowering Technology\eRecovery\Monitor.exe (acer Inc.)
MsConfig - StartUpReg: LogitechQuickCamRibbon - hkey= - key= - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
MsConfig - StartUpReg: ntiMUI - hkey= - key= - C:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe ()
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: SynTPLpr - hkey= - key= - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066)
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067)
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.22 20:56:51 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Kiss\Desktop\OTL.exe
[2011.12.22 20:51:09 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.12.21 18:08:56 | 000,000,000 | -HSD | C] -- C:\Recycled
[2011.12.21 17:39:31 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011.12.21 16:07:32 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.12.21 16:05:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.12.21 16:05:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.12.21 16:05:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.12.21 16:05:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.12.20 16:30:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.12.20 16:27:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.12.19 20:49:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuickTime
[2011.12.19 20:48:52 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Apple
[2011.12.19 20:48:38 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2011.12.19 20:31:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.12.15 20:28:25 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2011.12.15 19:29:43 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011.12.15 18:42:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Malwarebytes
[2011.12.15 18:39:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.12.15 18:39:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.12.15 18:39:01 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.12.15 18:38:59 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.12.11 15:21:42 | 000,021,992 | ---- | C] (CPUID) -- C:\WINDOWS\System32\drivers\cpuz135_x32.sys
[2011.12.11 15:21:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CPUID
[2011.12.11 15:21:41 | 000,000,000 | ---D | C] -- C:\Programme\CPUID
[2011.12.08 20:39:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Avira
[2011.12.08 20:28:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2011.12.08 20:27:54 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011.12.08 20:27:51 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.12.08 20:27:51 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011.12.08 20:27:51 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2011.12.08 20:27:50 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2011.12.08 20:27:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2011.12.08 19:30:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011.12.08 18:46:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2011.12.08 18:08:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011.12.08 18:08:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2011.12.08 18:08:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011.12.08 18:01:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011.12.08 17:54:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011.12.08 17:36:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011.12.08 17:36:43 | 000,000,000 | ---D | C] -- C:\Programme\MSBuild
[2011.12.08 17:36:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011.12.08 17:36:29 | 000,000,000 | ---D | C] -- C:\Programme\Reference Assemblies
[2011.12.08 17:15:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011.12.08 17:14:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011.12.08 16:47:43 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 6.0
[2011.12.08 16:41:44 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2011.12.01 00:32:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kiss\Desktop\nightchords
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.22 20:56:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Kiss\Desktop\OTL.exe
[2011.12.22 20:52:35 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2011.12.22 20:51:20 | 000,002,423 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk
[2011.12.22 20:50:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.22 20:50:23 | 1071,763,456 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.21 18:03:38 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2011.12.21 16:51:32 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.21 15:59:12 | 000,000,209 | ---- | M] () -- C:\Boot.bak
[2011.12.20 22:40:48 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.12.15 20:15:06 | 000,465,722 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.12.15 20:15:06 | 000,446,794 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.12.15 20:15:06 | 000,087,530 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.12.15 20:15:06 | 000,073,808 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.12.15 17:34:42 | 000,372,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.15 12:02:42 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.12.10 21:32:04 | 000,011,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Kiss\Desktop\max 05.03. 2011.jpg
[2011.12.10 09:32:36 | 000,002,241 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2011.12.09 17:19:40 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2011.12.08 18:00:46 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2011.12.06 17:48:06 | 000,116,736 | ---- | M] () -- C:\Dokumente und Einstellungen\Kiss\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.29 01:04:48 | 000,014,599 | ---- | M] () -- C:\Dokumente und Einstellungen\Kiss\Desktop\12.Texto_9._Ejercicio_6.pdf
[2011.11.29 01:04:00 | 000,012,839 | ---- | M] () -- C:\Dokumente und Einstellungen\Kiss\Desktop\13._DEBERES_-_Texto_10.pdf
 
========== Files Created - No Company Name ==========
 
[2011.12.21 16:07:38 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2011.12.21 16:07:35 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2011.12.21 16:05:36 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.12.21 16:05:35 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.12.21 16:05:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.12.21 16:05:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.12.21 16:05:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.12.19 20:48:41 | 000,001,830 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Apple Software Update.lnk
[2011.12.15 20:10:26 | 1071,763,456 | -HS- | C] () -- C:\hiberfil.sys
[2011.12.10 21:32:03 | 000,011,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Kiss\Desktop\max 05.03. 2011.jpg
[2011.12.08 17:44:11 | 000,001,950 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2011.12.08 17:43:43 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011.12.08 17:43:39 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011.12.08 17:43:39 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011.11.29 01:04:46 | 000,014,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Kiss\Desktop\12.Texto_9._Ejercicio_6.pdf
[2011.11.29 01:03:53 | 000,012,839 | ---- | C] () -- C:\Dokumente und Einstellungen\Kiss\Desktop\13._DEBERES_-_Texto_10.pdf
[2011.01.10 13:46:18 | 000,081,876 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.09.16 20:53:38 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.10.07 01:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009.10.07 01:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2008.09.07 16:20:09 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008.08.10 21:47:39 | 000,038,879 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat.temp
[2008.08.10 21:47:39 | 000,029,432 | ---- | C] () -- C:\WINDOWS\hpoins03.dat.temp
[2008.07.14 19:17:40 | 000,000,316 | ---- | C] () -- C:\WINDOWS\Sampler.INI
[2008.07.14 19:17:39 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2008.07.14 19:17:38 | 000,000,316 | ---- | C] () -- C:\WINDOWS\BeatBox.INI
[2008.07.13 01:12:52 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2008.07.13 01:12:52 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2008.07.13 01:12:52 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2008.07.13 01:12:52 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2008.07.13 01:12:52 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.06.15 16:55:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\KTEL.INI
[2008.06.11 02:07:20 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.05.23 00:18:54 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008.03.26 19:43:46 | 000,000,075 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2008.03.24 17:21:31 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008.03.11 15:27:51 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008.03.10 19:53:37 | 000,000,551 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2008.02.28 22:49:34 | 000,000,540 | ---- | C] () -- C:\WINDOWS\Tcsofla.ini
[2008.02.28 21:48:47 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.02.28 02:17:51 | 000,245,112 | ---- | C] () -- C:\WINDOWS\System32\iimds.dll
[2008.02.28 02:17:51 | 000,232,824 | ---- | C] () -- C:\WINDOWS\System32\IMImage.dll
[2008.02.28 02:17:51 | 000,056,696 | ---- | C] () -- C:\WINDOWS\System32\imsys.dll
[2007.12.23 14:50:39 | 001,355,903 | ---- | C] () -- C:\WINDOWS\UnInstallSiemensAdsl.dll
[2007.11.27 14:56:06 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat
[2007.11.11 14:57:54 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2007.10.24 13:05:43 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.08.23 14:01:41 | 000,000,145 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.08.23 13:34:39 | 000,002,890 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.07.19 13:27:24 | 000,029,432 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2007.07.19 13:27:18 | 000,038,879 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2007.07.11 17:44:00 | 000,000,046 | ---- | C] () -- C:\WINDOWS\mxcdr.INI
[2007.06.15 21:31:58 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.06.02 18:12:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MusicStudio.INI
[2007.06.02 18:03:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll
[2007.05.26 14:47:50 | 000,000,197 | ---- | C] () -- C:\WINDOWS\musicmaker.INI
[2007.05.26 14:36:15 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll
[2007.05.10 22:45:16 | 000,000,102 | ---- | C] () -- C:\WINDOWS\muma7dlx.INI
[2007.05.10 22:44:44 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.05.10 22:43:43 | 000,000,036 | ---- | C] () -- C:\WINDOWS\magix.ini
[2007.05.10 22:33:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hiphopmaker.INI
[2007.05.10 22:29:48 | 000,001,188 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2007.04.03 16:18:26 | 000,197,672 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2007.04.03 16:18:06 | 000,193,576 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2007.03.05 19:20:33 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.02.25 12:23:17 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2007.02.23 17:02:18 | 000,000,122 | ---- | C] () -- C:\WINDOWS\telephon.ini
[2007.02.23 17:02:18 | 000,000,055 | ---- | C] () -- C:\WINDOWS\comundo.dat
[2007.01.30 22:32:00 | 000,002,064 | ---- | C] () -- C:\WINDOWS\LNL_DEV.bin
[2007.01.30 22:32:00 | 000,000,419 | ---- | C] () -- C:\WINDOWS\hardware.ini
[2007.01.27 19:11:48 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2007.01.27 18:59:21 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.01.14 15:15:35 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.01.14 13:04:42 | 000,003,826 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.01.14 06:33:28 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007.01.14 01:01:08 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2007.01.14 00:49:11 | 000,116,736 | ---- | C] () -- C:\Dokumente und Einstellungen\Kiss\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.14 00:06:11 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2007.01.13 23:59:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MCE.INI
[2007.01.13 23:50:48 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Kiss\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007.01.12 16:48:16 | 000,071,208 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.01.05 22:23:06 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.01.05 22:23:06 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.01.05 22:23:04 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.01.05 22:23:04 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.01.05 22:23:02 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.01.05 22:23:02 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.01.05 22:23:02 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.01.05 22:23:02 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.01.05 22:23:02 | 000,058,920 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.11.26 03:05:27 | 000,159,821 | ---- | C] () -- C:\WINDOWS\EMEAPAGE.EXE
[2006.11.26 03:05:27 | 000,000,084 | ---- | C] () -- C:\WINDOWS\EMEAPAGE.INI
[2005.12.22 02:44:30 | 000,121,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005.12.14 20:59:52 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005.11.30 04:48:46 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2005.10.31 03:17:38 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005.10.25 23:59:46 | 000,037,774 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.08.05 14:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2005.07.15 01:48:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005.05.02 12:13:42 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\NETMNT.sys
[2005.03.28 00:45:26 | 000,000,093 | ---- | C] () -- C:\WINDOWS\alaunch.ini
[2004.12.17 01:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004.08.10 20:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.10 20:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.10 20:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004.08.10 20:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.10 20:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.10 20:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004.08.10 20:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.10 20:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.10 20:00:00 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.08.10 20:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.10 20:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.01.13 03:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2004.01.05 11:47:52 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2003.09.26 01:58:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2003.09.26 01:49:20 | 000,465,722 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2003.09.26 01:49:20 | 000,446,794 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003.09.26 01:49:20 | 000,087,530 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2003.09.26 01:49:20 | 000,073,808 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003.09.26 00:54:58 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2003.09.26 00:53:56 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2003.09.26 00:53:56 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2003.09.26 00:53:56 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2003.09.26 00:53:56 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2003.06.14 21:06:38 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2003.06.14 19:53:46 | 000,372,872 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003.06.14 04:46:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003.06.14 03:58:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003.06.14 03:55:14 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003.02.26 19:07:20 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2003.02.20 14:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.05.24 01:34:46 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.08.26 02:04:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.26 02:02:42 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2003.09.26 00:50:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acer
[2008.02.26 23:51:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Azureus
[2011.05.29 05:18:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Easybits GO
[2009.08.10 18:45:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2007.12.31 02:29:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Insight Software
[2007.12.31 02:29:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Insight Software Solutions
[2007.06.02 18:05:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2008.01.04 03:42:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier
[2008.08.05 20:32:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MP3Find
[2008.03.14 12:27:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonUS
[2008.02.07 19:18:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2008.02.07 19:18:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2007.02.21 21:49:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2003.06.14 21:07:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2011.01.10 13:38:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2008.01.02 03:10:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\.ABC
[2003.09.26 00:51:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Acer
[2008.02.26 23:48:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Azureus
[2007.11.24 14:37:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\BitTorrent
[2008.03.24 17:21:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\concept design
[2008.02.28 21:50:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\DAEMON Tools Pro
[2011.05.29 05:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\go
[2007.02.23 16:54:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\ICQLite
[2007.01.14 13:41:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Leadertech
[2007.01.27 20:11:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\LimeWire
[2007.05.10 22:38:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\MAGIX
[2007.01.21 07:26:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\My Battle for Middle-earth Files
[2008.02.07 19:18:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Nokia
[2008.02.07 19:46:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Nokia Multimedia Player
[2008.02.07 19:35:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\NSeries
[2008.03.09 23:00:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\OtakuSoftware
[2007.11.20 17:25:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Participatory Culture Foundation
[2008.02.07 19:16:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\PC Suite
[2008.07.04 17:52:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\QIP
[2008.06.15 16:55:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\rondomedia
[2008.03.10 21:06:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Soldat
[2008.03.10 14:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Teleca
[2007.08.13 14:19:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\TMNT
[2007.02.21 21:49:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\TuneUp Software
[2011.12.09 17:19:40 | 000,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
[2008.02.28 21:49:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\DAEMON Tools Pro
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2008.01.02 03:10:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\.ABC
[2008.03.03 16:36:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\ABBYY
[2003.09.26 00:51:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Acer
[2007.01.14 15:32:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Adobe
[2007.01.14 18:46:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\AdobeUM
[2007.03.03 16:06:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Ahead
[2003.06.14 21:07:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\AOL
[2011.01.10 13:39:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Apple Computer
[2007.01.13 23:57:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\ATI
[2011.12.08 20:39:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Avira
[2008.02.26 23:48:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Azureus
[2007.11.24 14:37:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\BitTorrent
[2008.03.24 17:21:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\concept design
[2007.01.14 00:50:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\CyberLink
[2008.02.28 21:50:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\DAEMON Tools Pro
[2007.01.14 19:03:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\DivX
[2007.02.12 21:05:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\DVD Shrink
[2007.01.24 17:56:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\dvdcss
[2011.05.29 05:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\go
[2007.10.31 13:18:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Google
[2007.02.23 16:54:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\ICQLite
[2003.06.14 04:09:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Identities
[2008.09.23 17:34:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\InstallShield
[2007.11.06 14:18:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Intel
[2007.01.14 13:41:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Leadertech
[2007.01.27 20:11:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\LimeWire
[2007.01.13 23:51:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Macromedia
[2007.05.10 22:38:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\MAGIX
[2011.12.15 18:42:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Malwarebytes
[2003.06.14 03:47:10 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Microsoft
[2007.01.14 13:04:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Mozilla
[2007.01.21 07:26:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\My Battle for Middle-earth Files
[2008.02.07 19:18:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Nokia
[2008.02.07 19:46:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Nokia Multimedia Player
[2008.02.07 19:35:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\NSeries
[2008.03.09 23:00:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\OtakuSoftware
[2007.11.20 17:25:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Participatory Culture Foundation
[2008.02.07 19:16:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\PC Suite
[2008.07.04 17:52:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\QIP
[2007.10.24 13:03:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Real
[2008.06.15 16:55:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\rondomedia
[2007.02.15 22:32:46 | 000,000,000 | RH-D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\SecuROM
[2010.09.16 20:50:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Skype
[2007.11.27 14:56:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\skypePM
[2008.03.10 21:06:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Soldat
[2008.03.10 14:09:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Sony Ericsson
[2007.08.27 18:19:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Sun
[2007.01.14 13:05:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Talkback
[2007.03.20 19:20:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\teamspeak2
[2008.03.10 14:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Teleca
[2007.08.13 14:19:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\TMNT
[2007.02.21 21:49:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\TuneUp Software
[2011.03.22 10:30:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\vlc
[2008.03.24 16:40:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\WinRAR
[2003.06.14 21:07:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\You've Got Pictures Screensaver
 
< %APPDATA%\*.exe /s >
[2008.02.26 23:53:30 | 005,456,862 | ---- | M] () -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Azureus\plugins\azemp\azmplay.exe
[2007.12.14 19:04:24 | 003,381,280 | ---- | M] (Lime Wire LLC) -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\LimeWire\.NetworkShare\Incomplete\T-3381280-LimeWireWin4.14.12.exe
[2008.02.21 08:41:50 | 000,329,264 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Kiss\Anwendungsdaten\Real\RealPlayer\Update\RealPlayer11GOLD.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2004.08.10 20:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2011.12.08 17:54:28 | 023,898,261 | ---- | M] () .cab file -- C:\i386\sp3.cab:AGP440.sys
[2004.08.10 20:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.12.08 17:54:28 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2011.12.08 17:54:28 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.10 20:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2011.12.08 17:54:28 | 023,898,261 | ---- | M] () .cab file -- C:\i386\sp3.cab:atapi.sys
[2004.08.10 20:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.12.08 17:54:28 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2011.12.08 17:54:28 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.10 20:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.10 20:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\eventlog.dll
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.10 20:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 03:22:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 03:22:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 03:22:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\netlogon.dll
[2008.04.14 03:22:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.10 20:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 19:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtUninstallKB975467_0$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 03:22:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 03:22:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 03:22:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\scecli.dll
[2008.04.14 03:22:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.10 20:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2005.03.02 19:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 19:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2004.08.10 20:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll
[2008.04.14 03:22:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ERDNT\cache\user32.dll
[2008.04.14 03:22:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 03:22:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\user32.dll
[2008.04.14 03:22:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 03:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 03:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 03:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\userinit.exe
[2008.04.14 03:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.10 20:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.10 20:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 03:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 03:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 03:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\winlogon.exe
[2008.04.14 03:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.10 20:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.10 20:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2007.01.14 01:01:10 | 000,223,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dtscsi.sys
[2008.02.28 21:44:56 | 000,685,816 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
 
< %systemroot%\System32\config\*.sav >
[2003.06.14 03:46:28 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2003.06.14 03:46:28 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2003.06.14 03:46:28 | 000,446,464 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >

--- --- ---

cosinus · 22.12.2011, 22:23

Ok. Alles NTFS nun

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

mamt1982 · 23.12.2011, 12:44

gmer:

GMER Logfile:

Code:

ATTFilter

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-12-23 00:01:58
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST9120821AS rev.3.06
Running: edsj8bod.exe; Driver: C:\DOKUME~1\Kiss\LOKALE~1\Temp\ugldypob.sys


---- System - GMER 1.0.15 ----

SSDT                                                                      F7C506FC                                                                                                             ZwClose
SSDT                                                                      F7C506B6                                                                                                             ZwCreateKey
SSDT                                                                      F7C50706                                                                                                             ZwCreateSection
SSDT                                                                      F7C506AC                                                                                                             ZwCreateThread
SSDT                                                                      F7C506BB                                                                                                             ZwDeleteKey
SSDT                                                                      F7C506C5                                                                                                             ZwDeleteValueKey
SSDT                                                                      F7C506F7                                                                                                             ZwDuplicateObject
SSDT                                                                      sptd.sys                                                                                                             ZwEnumerateKey [0xF73ADFB2]
SSDT                                                                      sptd.sys                                                                                                             ZwEnumerateValueKey [0xF73AE340]
SSDT                                                                      F7C506CA                                                                                                             ZwLoadKey
SSDT                                                                      sptd.sys                                                                                                             ZwOpenKey [0xF73A80B0]
SSDT                                                                      F7C50698                                                                                                             ZwOpenProcess
SSDT                                                                      F7C5069D                                                                                                             ZwOpenThread
SSDT                                                                      sptd.sys                                                                                                             ZwQueryKey [0xF73AE418]
SSDT                                                                      F7C5071F                                                                                                             ZwQueryValueKey
SSDT                                                                      F7C506D4                                                                                                             ZwReplaceKey
SSDT                                                                      F7C50710                                                                                                             ZwRequestWaitReplyPort
SSDT                                                                      F7C506CF                                                                                                             ZwRestoreKey
SSDT                                                                      F7C5070B                                                                                                             ZwSetContextThread
SSDT                                                                      F7C50715                                                                                                             ZwSetSecurityObject
SSDT                                                                      F7C506C0                                                                                                             ZwSetValueKey
SSDT                                                                      F7C5071A                                                                                                             ZwSystemDebugControl
SSDT                                                                      F7C506A7                                                                                                             ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

?                                                                         C:\WINDOWS\system32\drivers\sptd.sys                                                                                 Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
.sfrelocÿÿÿÿsfsync04unknown last section [0xF734E000, 0xBC8, 0x40000040]  C:\WINDOWS\system32\drivers\sfsync04.sys                                                                             unknown last section [0xF734E000, 0xBC8, 0x40000040]
.text                                                                     USBPORT.SYS!DllUnload                                                                                                F6BD78AC 5 Bytes  JMP 86F833F0 
init                                                                      C:\WINDOWS\system32\drivers\tifm21.sys                                                                               entry point in "init" section [0xF6BBBDBF]
?                                                                         System32\Drivers\akurztyh.SYS                                                                                        Das System kann den angegebenen Pfad nicht finden. !
.text                                                                     dtscsi.sys!A0DB34FC6FE35D429A28ADDE5467D4D7                                                                          F69F44D0 22 Bytes  [5C, 68, 6D, D2, 7A, 6B, 8C, ...]
.text                                                                     dtscsi.sys!A0DB34FC6FE35D429A28ADDE5467D4D7 + 17                                                                     F69F44E7 25 Bytes  CALL AEFECC08 
?                                                                         C:\WINDOWS\System32\Drivers\dtscsi.sys                                                                               Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
.text                                                                     C:\WINDOWS\system32\drivers\ACEDRV07.sys                                                                             section is writeable [0xEBCFE000, 0x328BA, 0xE8000020]
.pklstb                                                                   C:\WINDOWS\system32\drivers\ACEDRV07.sys                                                                             entry point in ".pklstb" section [0xEBD42000]
.relo2                                                                    C:\WINDOWS\system32\drivers\ACEDRV07.sys                                                                             unknown last section [0xEBD5E000, 0x8E, 0x42000040]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT                                                                       atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                                   [F73A8AD4] sptd.sys
IAT                                                                       atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                                           [F73A8C1A] sptd.sys
IAT                                                                       atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                                  [F73A8B9C] sptd.sys
IAT                                                                       atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                                          [F73A9748] sptd.sys
IAT                                                                       atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                                  [F73A961E] sptd.sys
IAT                                                                       \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                                   [F73BE29A] sptd.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT                                                                       C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                            [00F02F20] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT                                                                       C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                   [00F02C90] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT                                                                       C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                 [00F02CF0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT                                                                       C:\WINDOWS\Explorer.EXE[1196] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                       [00F02CC0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)

---- Devices - GMER 1.0.15 ----

Device                                                                    \FileSystem\Ntfs \Ntfs                                                                                               871391E8

AttachedDevice                                                            \FileSystem\Ntfs \Ntfs                                                                                               OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)

Device                                                                    \FileSystem\Fastfat \FatCdrom                                                                                        8525A1E8
Device                                                                    \Driver\PCI_NTPNP1352 \Device\0000009d                                                                               sptd.sys

AttachedDevice                                                            \Driver\Kbdclass \Device\KeyboardClass0                                                                              SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device                                                                    \Driver\PCI_NTPNP1352 \Device\0000009e                                                                               sptd.sys

AttachedDevice                                                            \Driver\Kbdclass \Device\KeyboardClass1                                                                              SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device                                                                    \Driver\NetBT \Device\NetBT_Tcpip_{D862162E-0BE6-47B3-A429-571740C33C85}                                             86A1E1E8
Device                                                                    \Driver\usbuhci \Device\USBPDO-0                                                                                     870D4410
Device                                                                    \Driver\usbuhci \Device\USBPDO-1                                                                                     870D4410
Device                                                                    \Driver\usbuhci \Device\USBPDO-2                                                                                     870D4410
Device                                                                    \Driver\usbuhci \Device\USBPDO-3                                                                                     870D4410
Device                                                                    \Driver\usbehci \Device\USBPDO-4                                                                                     86F735D0
Device                                                                    \Driver\Ftdisk \Device\HarddiskVolume1                                                                               871571E8
Device                                                                    \Driver\Ftdisk \Device\HarddiskVolume2                                                                               871571E8
Device                                                                    \Driver\Cdrom \Device\CdRom0                                                                                         OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)
Device                                                                    \Driver\Cdrom \Device\CdRom0                                                                                         86F72418
Device                                                                    \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                                          [F72F1B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device                                                                    \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                                          sfsync04.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\atapi \Device\Ide\IdePort0                                                                                   [F72F1B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device                                                                    \Driver\atapi \Device\Ide\IdePort0                                                                                   sfsync04.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\atapi \Device\Ide\IdePort1                                                                                   [F72F1B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device                                                                    \Driver\atapi \Device\Ide\IdePort1                                                                                   sfsync04.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e                                                                          [F72F1B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device                                                                    \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e                                                                          sfsync04.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\Ftdisk \Device\HarddiskVolume3                                                                               871571E8
Device                                                                    \Driver\Cdrom \Device\CdRom1                                                                                         OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)
Device                                                                    \Driver\Cdrom \Device\CdRom1                                                                                         86F72418
Device                                                                    \Driver\Cdrom \Device\CdRom2                                                                                         OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)
Device                                                                    \Driver\Cdrom \Device\CdRom2                                                                                         86F72418
Device                                                                    \Driver\Cdrom \Device\CdRom3                                                                                         OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)
Device                                                                    \Driver\Cdrom \Device\CdRom3                                                                                         86F72418
Device                                                                    \Driver\Cdrom \Device\CdRom4                                                                                         OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)
Device                                                                    \Driver\Cdrom \Device\CdRom4                                                                                         86F72418
Device                                                                    \Driver\Cdrom \Device\CdRom5                                                                                         OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)
Device                                                                    \Driver\Cdrom \Device\CdRom5                                                                                         86F72418
Device                                                                    \Driver\NetBT \Device\NetBt_Wins_Export                                                                              86A1E1E8
Device                                                                    \Driver\NetBT \Device\NetBT_Tcpip_{1A43C6FA-536F-4D6B-9BF4-3F137FEF8627}                                             86A1E1E8
Device                                                                    \Driver\NetBT \Device\NetbiosSmb                                                                                     86A1E1E8
Device                                                                    \Driver\usbuhci \Device\USBFDO-0                                                                                     870D4410
Device                                                                    \Driver\usbuhci \Device\USBFDO-1                                                                                     870D4410
Device                                                                    \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                    853351E8
Device                                                                    \Driver\usbuhci \Device\USBFDO-2                                                                                     870D4410
Device                                                                    \FileSystem\MRxSmb \Device\LanmanRedirector                                                                          853351E8
Device                                                                    \Driver\usbuhci \Device\USBFDO-3                                                                                     870D4410
Device                                                                    \Driver\Ftdisk \Device\FtControl                                                                                     871571E8
Device                                                                    \Driver\usbehci \Device\USBFDO-4                                                                                     86F735D0
Device                                                                    \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target1Lun0                                                             86EF51E8
Device                                                                    \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target1Lun0                                                             sfsync04.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0                                                             86EF51E8
Device                                                                    \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0                                                             sfsync04.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\akurztyh \Device\Scsi\akurztyh1Port3Path0Target0Lun0                                                         86F3B790
Device                                                                    \Driver\akurztyh \Device\Scsi\akurztyh1Port3Path0Target0Lun0                                                         sfsync04.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\akurztyh \Device\Scsi\akurztyh1                                                                              86F3B790
Device                                                                    \Driver\akurztyh \Device\Scsi\akurztyh1                                                                              sfsync04.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target2Lun0                                                             86EF51E8
Device                                                                    \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target2Lun0                                                             sfsync04.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\dtscsi \Device\Scsi\dtscsi1                                                                                  86EF51E8
Device                                                                    \Driver\dtscsi \Device\Scsi\dtscsi1                                                                                  sfsync04.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target3Lun0                                                             86EF51E8
Device                                                                    \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target3Lun0                                                             sfsync04.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device                                                                    \FileSystem\Fastfat \Fat                                                                                             8525A1E8

AttachedDevice                                                            \FileSystem\Fastfat \Fat                                                                                             OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)
AttachedDevice                                                            \FileSystem\Fastfat \Fat                                                                                             fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device                                                                    \FileSystem\Cdfs \Cdfs                                                                                               86A1D1E8

---- Registry - GMER 1.0.15 ----

Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                   -1020143404
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                   1284206259
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                   2
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                     
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                  C:\Programme\DAEMON Tools Pro\
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                  1
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                               0x9A 0xC6 0x16 0x0C ...
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                            
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                         0x20 0x01 0x00 0x00 ...
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                      0x5A 0x73 0x1E 0x4B ...
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                       
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                 0x2D 0x83 0x7C 0x1F ...
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                                     
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                  C:\Programme\DAEMON Tools\
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                  0
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                               0xBC 0x70 0x2A 0xB8 ...
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001                            
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                         0x20 0x01 0x00 0x00 ...
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                      0xD0 0x5D 0xAE 0x22 ...
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40                      
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                0x70 0x20 0xCA 0xD5 ...
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41                      
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh                0xAD 0x8C 0x1B 0xC8 ...
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42                      
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh                0x0B 0xBA 0x28 0xC2 ...
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43                      
Reg                                                                       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh                0xED 0xA0 0xF5 0x90 ...
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                 
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                      C:\Programme\DAEMON Tools Pro\
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                      1
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                   0x9A 0xC6 0x16 0x0C ...
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)        
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                             0x20 0x01 0x00 0x00 ...
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                          0x5A 0x73 0x1E 0x4B ...
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)   
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                     0x2D 0x83 0x7C 0x1F ...
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)                 
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      C:\Programme\DAEMON Tools\
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                   0xBC 0x70 0x2A 0xB8 ...
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)        
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                             0x20 0x01 0x00 0x00 ...
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0xD0 0x5D 0xAE 0x22 ...
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)  
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0x70 0x20 0xCA 0xD5 ...
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)  
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh                    0xAD 0x8C 0x1B 0xC8 ...
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet)  
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh                    0x0B 0xBA 0x28 0xC2 ...
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet)  
Reg                                                                       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh                    0xED 0xA0 0xF5 0x90 ...
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                 
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                      C:\Programme\DAEMON Tools Pro\
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                      1
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                   0x9A 0xC6 0x16 0x0C ...
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)        
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                             0x20 0x01 0x00 0x00 ...
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                          0x5A 0x73 0x1E 0x4B ...
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)   
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                     0x2D 0x83 0x7C 0x1F ...
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)                 
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      C:\Programme\DAEMON Tools\
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                   0xBC 0x70 0x2A 0xB8 ...
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)        
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                             0x20 0x01 0x00 0x00 ...
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0xD0 0x5D 0xAE 0x22 ...
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)  
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0x70 0x20 0xCA 0xD5 ...
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)  
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh                    0xAD 0x8C 0x1B 0xC8 ...
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet)  
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh                    0x0B 0xBA 0x28 0xC2 ...
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet)  
Reg                                                                       HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh                    0xED 0xA0 0xF5 0x90 ...

---- EOF - GMER 1.0.15 ----

--- --- ---

osam:

OSAM Logfile:

Code:

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 11:35:02 on 23.12.2011

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"1-Klick-Wartung.job" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2007\SystemOptimizer.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"PhysX.cpl" - ? - C:\WINDOWS\system32\PhysX.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir PersonalEdition Classic" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl  (File not found)
"Nero BurnRights" - "Ahead Software AG" - C:\Programme\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ACEDRV07" (ACEDRV07) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV07.sys
"Acer EPM Power Scheme Driver" (EpmPsd) - "Acer Value Labs, USA" - C:\WINDOWS\system32\drivers\epm-psd.sys
"Acer EPM System Hardware Driver" (EpmShd) - "Acer Value Labs, USA" - C:\WINDOWS\system32\drivers\epm-shd.sys
"Acer NetMonitor Protocol" (NETMNT) - ? - C:\WINDOWS\System32\DRIVERS\NETMNT.sys  (File found, but it contains no detailed information)
"AEGIS Protocol (IEEE 802.1x) v3.6.0.0" (AegisP) - "Meetinghouse Data Communications" - C:\WINDOWS\System32\DRIVERS\AegisP.sys
"aeswbfwx" (aeswbfwx) - ? - C:\WINDOWS\system32\drivers\aeswbfwx.sys  (Hidden registry entry, rootkit activity | File not found)
"Apple Mobile USB Driver" (USBAAPL) - ? - C:\WINDOWS\System32\Drivers\usbaapl.sys  (File not found)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avkmgr.sys
"Bluetooth-Audiogerät" (btaudio) - ? - C:\WINDOWS\System32\drivers\btaudio.sys  (File not found)
"Bluetooth-Bus-Enumerator" (BTKRNL) - ? - C:\WINDOWS\System32\DRIVERS\btkrnl.sys  (File not found)
"Bluetooth-LAN-Zugangsserver" (BTWDNDIS) - ? - C:\WINDOWS\System32\DRIVERS\btwdndis.sys  (File not found)
"catchme" (catchme) - ? - C:\DOKUME~1\Kiss\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"Cisco Systems Inc. IPSec Driver" (CVPNDRVA) - "Cisco Systems, Inc." - C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
"cpuz135" (cpuz135) - "CPUID" - C:\WINDOWS\system32\drivers\cpuz135_x32.sys
"dtscsi" (dtscsi) - "DT Soft Ltd." - C:\WINDOWS\System32\Drivers\dtscsi.sys  (File is exclusively opened, access blocked)
"ENTECH" (ENTECH) - "EnTech Taiwan" - C:\WINDOWS\system32\DRIVERS\ENTECH.sys
"InCD Reader" (InCDRm) - ? - C:\WINDOWS\System32\drivers\InCDRm.sys  (File not found)
"InCDPass" (InCDPass) - ? - C:\WINDOWS\System32\drivers\InCDPass.sys  (File not found)
"int15.sys" (int15.sys) - ? - C:\Acer\Empowering Technology\eRecovery\int15.sys  (File found, but it contains no detailed information)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"MBAMSwissArmy" (MBAMSwissArmy) - ? - C:\WINDOWS\system32\drivers\mbamswissarmy.sys  (File not found)
"MHN-Treiber" (MHNDRV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mhndrv.sys
"OSA NdisFilter Protocol" (NdisFilt) - "OSA Technologies" - C:\WINDOWS\System32\Drivers\NdisFilt.sys
"OsaFsLoc" (OsaFsLoc) - "OSA Technologies" - C:\WINDOWS\system32\drivers\OsaFsLoc.sys
"osaio" (osaio) - "OSA Technologies, An Avocent Company" - C:\WINDOWS\system32\drivers\osaio.sys
"osanbm" (osanbm) - "Windows (R) 2000 DDK provider" - C:\WINDOWS\system32\drivers\osanbm.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"Sony Ericsson 750 driver (WDM)" (k750bus) - "MCCI" - C:\WINDOWS\System32\DRIVERS\k750bus.sys
"Sony Ericsson 750 USB WMC Device Management Drivers" (k750mgmt) - "MCCI" - C:\WINDOWS\System32\DRIVERS\k750mgmt.sys
"Sony Ericsson 750 USB WMC Modem Drivers" (k750mdm) - "MCCI" - C:\WINDOWS\System32\DRIVERS\k750mdm.sys
"Sony Ericsson 750 USB WMC Modem Filter" (k750mdfl) - "MCCI" - C:\WINDOWS\System32\DRIVERS\k750mdfl.sys
"Sony Ericsson 750 USB WMC OBEX Interface Drivers" (k750obex) - "MCCI" - C:\WINDOWS\System32\DRIVERS\k750obex.sys
"Sony Ericsson Device 0A1 driver (WDM)" (sea1bus) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1bus.sys
"Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS)" (sea1nd5) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1nd5.sys
"Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM)" (sea1unic) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1unic.sys
"Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM)" (sea1mgmt) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1mgmt.sys
"Sony Ericsson Device 0A1 USB WMC Modem Driver" (sea1mdm) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1mdm.sys
"Sony Ericsson Device 0A1 USB WMC Modem Filter" (sea1mdfl) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1mdfl.sys
"Sony Ericsson Device 0A1 USB WMC OBEX Interface" (sea1obex) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1obex.sys
"sptd" (sptd) - "Duplex Secure Ltd." - C:\WINDOWS\System32\Drivers\sptd.sys  (File is exclusively opened, access blocked)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"StarForce Protection Environment Driver (version 1.x)" (sfdrv01) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfdrv01.sys
"StarForce Protection Helper Driver (version 2.x)" (sfhlp02) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfhlp02.sys
"StarForce Protection Synchronization Driver (version 4.x)" (sfsync04) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfsync04.sys
"StarForce Protection VFS Driver (version 2.x)" (sfvfs02) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfvfs02.sys
"STYLEXPHELPER" (STYLEXPHELPER) - ? - C:\Dokumente und Einstellungen\Kiss\Desktop\MyStuff\Progs\StyleXP\STYLEXPHELPER.EXE  (File not found)
"SYMIDSCO" (SYMIDSCO) - ? - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SymcData\IDS-DI~1\20050901.036\symidsco.sys  (File not found)
"UBHelper" (UBHelper) - ? - C:\WINDOWS\system32\drivers\UBHelper.sys  (File found, but it contains no detailed information)
"Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys
"Virtueller Bluetooth-Kommunikationstreiber" (BTDriver) - ? - C:\WINDOWS\System32\DRIVERS\btport.sys  (File not found)
"WAN Miniport (ATW)" (wanatw) - ? - C:\WINDOWS\System32\DRIVERS\wanatw4.sys  (File not found)
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
"WLAN-Transport" (s24trans) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\s24trans.sys
"zlportio" (zlportio) - ? - D:\Ultrastar\SingStar\SingStar\ultrastar-dx-100\zlportio.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{CF184AD3-CDCB-4168-A3F7-8E447D129300} "CZipHandler Object" - "Hewlett-Packard Company" - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL
{CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Programme\7-Zip\7-zip.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? -   (File not found | COM-object registry key not found)
{2b45bd21-71f8-4c8c-a87a-7eeb25a1a3e0} "EPM-PO Shell Extensions" - "Acer Labs USA" - C:\WINDOWS\system32\epm-po.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "ICQ Lite Shell Extension" - ? -   (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\OFFICE11\msohev.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
{D9872D13-7651-4471-9EEE-F0A00218BEBB} "Multiscan" - ? -   (File not found | COM-object registry key not found)
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\lib\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\lib\NeroDigitalExt.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Programme\ATI Technologies\ATI.ACE\atiacmxx.dll
{738D66C6-0149-4D40-84E4-A7BB2D0CE949} "Sony Ericsson File Manager" - ? -   (File not found | COM-object registry key not found)
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2007\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software GmbH" - C:\WINDOWS\system32\uxtuneup.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"ICQ Lite" - ? - C:\Programme\ICQLite\ICQLite.exe  (File not found)
{0483894E-2422-45E0-8384-021AFF1AF3CD} "iOpus iMacros" - ? - C:\Programme\iMacros\imacros.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Plug-In" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{D0943516-5076-4020-A3B5-AEFAF26AB263} "Veoh Browser Plug-in" - "Veoh Networks Inc" - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"Microsoft Office.lnk" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OSA.EXE  (Shortcut exists | File exists)
"VPN Client.lnk" - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\vpngui.exe  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Kiss\Startmenü\Programme\Autostart\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"ePower_DMC" - "Acer Incorporated" - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
"LaunchApp" - "Acer Inc." - Alaunch
"MSPY2002" - ? - C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC  (File signed by Microsoft | File found, but it contains no detailed information)
"NeroFilterCheck" - "Ahead Software Gmbh" - C:\WINDOWS\system32\NeroCheck.exe
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"AdminWorks Agent X6" (AWService) - "Avocent Inc." - C:\Acer\Empowering Technology\admServ.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Avira Upgrade Service" (AviraUpgradeService) - ? - "C:\WINDOWS\TEMP\AVSETUP_4ee10b84\avupgsvc.exe" /TEMPSTART:""C:\WINDOWS\TEMP\AVSETUP_4ee10b84\setup.exe" /NOTEMPCLEANUP /CROSSUPGRADE"  (File not found)
"Cisco Systems, Inc. VPN Service" (CVPND) - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
"Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
"Intel(R) PROSet/Wireless Service" (S24EventMonitor) - "Intel Corporation " - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
"MHN" (MHN) - "Microsoft Corporation" - C:\WINDOWS\System32\mhn.dll
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
"ServiceLayer" (ServiceLayer) - "Nokia." - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
"TuneUp Designerweiterung" (UxTuneUp) - "TuneUp Software GmbH" - C:\WINDOWS\System32\uxtuneup.dll
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

mamt1982 · 23.12.2011, 12:44

aswMBR version 0.9.9.1116 Copyright(c) 2011 AVAST Software
Run date: 2011-12-23 12:02:14
-----------------------------
12:02:14.328 OS Version: Windows 5.1.2600 Service Pack 3
12:02:14.328 Number of processors: 2 586 0xE08
12:02:14.328 ComputerName: JK UserName:
12:02:22.671 Initialize success
12:02:40.328 AVAST engine defs: 11122300
12:02:46.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
12:02:46.437 Disk 0 Vendor: ST9120821AS 3.06 Size: 114473MB BusType: 3
12:02:48.468 Disk 0 MBR read successfully
12:02:48.484 Disk 0 MBR scan
12:02:48.640 Disk 0 unknown MBR code
12:02:48.656 Disk 0 Partition 1 00 12 Compaq diag MSWIN4.1 4996 MB offset 63
12:02:48.703 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 54486 MB offset 10233405
12:02:48.734 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 54988 MB offset 121820895
12:02:48.765 Disk 0 scanning sectors +234436545
12:02:48.968 Disk 0 scanning C:\WINDOWS\system32\drivers
12:03:55.937 Service scanning
12:04:00.500 Service dtscsi C:\WINDOWS\System32\Drivers\dtscsi.sys **LOCKED** 32
12:04:00.687 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
12:04:01.281 Modules scanning
12:04:45.828 Disk 0 trace - called modules:
12:04:45.859 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync04.sys atapi.sys sptd.sys >>UNKNOWN [0x871838ac]<<
12:04:45.875 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86fee030]
12:04:45.875 3 CLASSPNP.SYS[f7672fd7] -> nt!IofCallDriver -> \Device\000000d1[0x86fef318]
12:04:45.890 5 ACPI.sys[f7366620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x870b8940]
12:04:45.906 \Driver\atapi[0x87074a38] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> sfsync04.sys[0xf733ea6c]
12:04:53.515 AVAST engine scan C:\WINDOWS
12:05:51.671 AVAST engine scan C:\WINDOWS\system32
12:17:41.984 AVAST engine scan C:\WINDOWS\system32\drivers
12:19:25.578 AVAST engine scan C:\Dokumente und Einstellungen\Kiss
12:37:51.000 AVAST engine scan C:\Dokumente und Einstellungen\All Users
12:39:46.062 Scan finished successfully
12:40:01.734 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\Kiss\Desktop\MBR.dat"
12:40:01.750 The log file has been saved successfully to "C:\Dokumente und Einstellungen\Kiss\Desktop\aswMBR.txt"

mamt1982 · 23.12.2011, 13:01

tut mir leid. habe das mit dem Überspringen der Online-Abfrage beim ersten Mal verplant..
habe noch ein Log ohne Abfrage erstellt:

OSAM Logfile:

Code:

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 12:59:49 on 23.12.2011

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"1-Klick-Wartung.job" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2007\SystemOptimizer.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"PhysX.cpl" - ? - C:\WINDOWS\system32\PhysX.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir PersonalEdition Classic" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl  (File not found)
"Nero BurnRights" - "Ahead Software AG" - C:\Programme\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ACEDRV07" (ACEDRV07) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV07.sys
"Acer EPM Power Scheme Driver" (EpmPsd) - "Acer Value Labs, USA" - C:\WINDOWS\system32\drivers\epm-psd.sys
"Acer EPM System Hardware Driver" (EpmShd) - "Acer Value Labs, USA" - C:\WINDOWS\system32\drivers\epm-shd.sys
"Acer NetMonitor Protocol" (NETMNT) - ? - C:\WINDOWS\System32\DRIVERS\NETMNT.sys  (File found, but it contains no detailed information)
"AEGIS Protocol (IEEE 802.1x) v3.6.0.0" (AegisP) - "Meetinghouse Data Communications" - C:\WINDOWS\System32\DRIVERS\AegisP.sys
"aeswbfwx" (aeswbfwx) - ? - C:\WINDOWS\system32\drivers\aeswbfwx.sys  (Hidden registry entry, rootkit activity | File not found)
"Apple Mobile USB Driver" (USBAAPL) - ? - C:\WINDOWS\System32\Drivers\usbaapl.sys  (File not found)
"aswMBR" (aswMBR) - ? - C:\DOKUME~1\Kiss\LOKALE~1\Temp\aswMBR.sys  (Hidden registry entry, rootkit activity | File not found)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avkmgr.sys
"Bluetooth-Audiogerät" (btaudio) - ? - C:\WINDOWS\System32\drivers\btaudio.sys  (File not found)
"Bluetooth-Bus-Enumerator" (BTKRNL) - ? - C:\WINDOWS\System32\DRIVERS\btkrnl.sys  (File not found)
"Bluetooth-LAN-Zugangsserver" (BTWDNDIS) - ? - C:\WINDOWS\System32\DRIVERS\btwdndis.sys  (File not found)
"catchme" (catchme) - ? - C:\DOKUME~1\Kiss\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"Cisco Systems Inc. IPSec Driver" (CVPNDRVA) - "Cisco Systems, Inc." - C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
"cpuz135" (cpuz135) - "CPUID" - C:\WINDOWS\system32\drivers\cpuz135_x32.sys
"dtscsi" (dtscsi) - "DT Soft Ltd." - C:\WINDOWS\System32\Drivers\dtscsi.sys  (File is exclusively opened, access blocked)
"ENTECH" (ENTECH) - "EnTech Taiwan" - C:\WINDOWS\system32\DRIVERS\ENTECH.sys
"InCD Reader" (InCDRm) - ? - C:\WINDOWS\System32\drivers\InCDRm.sys  (File not found)
"InCDPass" (InCDPass) - ? - C:\WINDOWS\System32\drivers\InCDPass.sys  (File not found)
"int15.sys" (int15.sys) - ? - C:\Acer\Empowering Technology\eRecovery\int15.sys  (File found, but it contains no detailed information)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"MBAMSwissArmy" (MBAMSwissArmy) - ? - C:\WINDOWS\system32\drivers\mbamswissarmy.sys  (File not found)
"MHN-Treiber" (MHNDRV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mhndrv.sys
"OSA NdisFilter Protocol" (NdisFilt) - "OSA Technologies" - C:\WINDOWS\System32\Drivers\NdisFilt.sys
"OsaFsLoc" (OsaFsLoc) - "OSA Technologies" - C:\WINDOWS\system32\drivers\OsaFsLoc.sys
"osaio" (osaio) - "OSA Technologies, An Avocent Company" - C:\WINDOWS\system32\drivers\osaio.sys
"osanbm" (osanbm) - "Windows (R) 2000 DDK provider" - C:\WINDOWS\system32\drivers\osanbm.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"Sony Ericsson 750 driver (WDM)" (k750bus) - "MCCI" - C:\WINDOWS\System32\DRIVERS\k750bus.sys
"Sony Ericsson 750 USB WMC Device Management Drivers" (k750mgmt) - "MCCI" - C:\WINDOWS\System32\DRIVERS\k750mgmt.sys
"Sony Ericsson 750 USB WMC Modem Drivers" (k750mdm) - "MCCI" - C:\WINDOWS\System32\DRIVERS\k750mdm.sys
"Sony Ericsson 750 USB WMC Modem Filter" (k750mdfl) - "MCCI" - C:\WINDOWS\System32\DRIVERS\k750mdfl.sys
"Sony Ericsson 750 USB WMC OBEX Interface Drivers" (k750obex) - "MCCI" - C:\WINDOWS\System32\DRIVERS\k750obex.sys
"Sony Ericsson Device 0A1 driver (WDM)" (sea1bus) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1bus.sys
"Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS)" (sea1nd5) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1nd5.sys
"Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM)" (sea1unic) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1unic.sys
"Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM)" (sea1mgmt) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1mgmt.sys
"Sony Ericsson Device 0A1 USB WMC Modem Driver" (sea1mdm) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1mdm.sys
"Sony Ericsson Device 0A1 USB WMC Modem Filter" (sea1mdfl) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1mdfl.sys
"Sony Ericsson Device 0A1 USB WMC OBEX Interface" (sea1obex) - "MCCI" - C:\WINDOWS\System32\DRIVERS\sea1obex.sys
"sptd" (sptd) - "Duplex Secure Ltd." - C:\WINDOWS\System32\Drivers\sptd.sys  (File is exclusively opened, access blocked)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"StarForce Protection Environment Driver (version 1.x)" (sfdrv01) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfdrv01.sys
"StarForce Protection Helper Driver (version 2.x)" (sfhlp02) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfhlp02.sys
"StarForce Protection Synchronization Driver (version 4.x)" (sfsync04) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfsync04.sys
"StarForce Protection VFS Driver (version 2.x)" (sfvfs02) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfvfs02.sys
"STYLEXPHELPER" (STYLEXPHELPER) - ? - C:\Dokumente und Einstellungen\Kiss\Desktop\MyStuff\Progs\StyleXP\STYLEXPHELPER.EXE  (File not found)
"SYMIDSCO" (SYMIDSCO) - ? - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SymcData\IDS-DI~1\20050901.036\symidsco.sys  (File not found)
"UBHelper" (UBHelper) - ? - C:\WINDOWS\system32\drivers\UBHelper.sys  (File found, but it contains no detailed information)
"Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys
"Virtueller Bluetooth-Kommunikationstreiber" (BTDriver) - ? - C:\WINDOWS\System32\DRIVERS\btport.sys  (File not found)
"WAN Miniport (ATW)" (wanatw) - ? - C:\WINDOWS\System32\DRIVERS\wanatw4.sys  (File not found)
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
"WLAN-Transport" (s24trans) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\s24trans.sys
"zlportio" (zlportio) - ? - D:\Ultrastar\SingStar\SingStar\ultrastar-dx-100\zlportio.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{CF184AD3-CDCB-4168-A3F7-8E447D129300} "CZipHandler Object" - "Hewlett-Packard Company" - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL
{CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Programme\7-Zip\7-zip.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? -   (File not found | COM-object registry key not found)
{2b45bd21-71f8-4c8c-a87a-7eeb25a1a3e0} "EPM-PO Shell Extensions" - "Acer Labs USA" - C:\WINDOWS\system32\epm-po.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "ICQ Lite Shell Extension" - ? -   (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\OFFICE11\msohev.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
{D9872D13-7651-4471-9EEE-F0A00218BEBB} "Multiscan" - ? -   (File not found | COM-object registry key not found)
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\lib\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\lib\NeroDigitalExt.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Programme\ATI Technologies\ATI.ACE\atiacmxx.dll
{738D66C6-0149-4D40-84E4-A7BB2D0CE949} "Sony Ericsson File Manager" - ? -   (File not found | COM-object registry key not found)
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2007\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software GmbH" - C:\WINDOWS\system32\uxtuneup.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"ICQ Lite" - ? - C:\Programme\ICQLite\ICQLite.exe  (File not found)
{0483894E-2422-45E0-8384-021AFF1AF3CD} "iOpus iMacros" - ? - C:\Programme\iMacros\imacros.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Plug-In" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{D0943516-5076-4020-A3B5-AEFAF26AB263} "Veoh Browser Plug-in" - "Veoh Networks Inc" - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"Microsoft Office.lnk" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OSA.EXE  (Shortcut exists | File exists)
"VPN Client.lnk" - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\vpngui.exe  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Kiss\Startmenü\Programme\Autostart\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"ePower_DMC" - "Acer Incorporated" - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
"LaunchApp" - "Acer Inc." - Alaunch
"MSPY2002" - ? - C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC  (File signed by Microsoft | File found, but it contains no detailed information)
"NeroFilterCheck" - "Ahead Software Gmbh" - C:\WINDOWS\system32\NeroCheck.exe
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"AdminWorks Agent X6" (AWService) - "Avocent Inc." - C:\Acer\Empowering Technology\admServ.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Avira Upgrade Service" (AviraUpgradeService) - ? - "C:\WINDOWS\TEMP\AVSETUP_4ee10b84\avupgsvc.exe" /TEMPSTART:""C:\WINDOWS\TEMP\AVSETUP_4ee10b84\setup.exe" /NOTEMPCLEANUP /CROSSUPGRADE"  (File not found)
"Cisco Systems, Inc. VPN Service" (CVPND) - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
"Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
"Intel(R) PROSet/Wireless Service" (S24EventMonitor) - "Intel Corporation " - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
"MHN" (MHN) - "Microsoft Corporation" - C:\WINDOWS\System32\mhn.dll
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
"ServiceLayer" (ServiceLayer) - "Nokia." - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
"TuneUp Designerweiterung" (UxTuneUp) - "TuneUp Software GmbH" - C:\WINDOWS\System32\uxtuneup.dll
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

cosinus · 23.12.2011, 17:30

Wir sollten den MBR fixen, sichere für den Fall der Fälle ALLE wichtigen Daten, auch wenn meistens alles glatt geht.

Hinweis: Mach bitte NICHT den MBR-Fix, wenn du noch andere Betriebssysteme wie zB Ubuntu installiert hast, ein MBR-Fix mit Windows-Tools macht ein parallel installiertes (Dualboot) Linux unbootbar.

Starte nach der Datensicherung aswmbr erneut und klick auf den Button FIXMBR.
Anschließend Windows neu starten und ein neues Log mit aswMBR machen.

mamt1982 · 24.12.2011, 16:23

So..Frohe Weihnachten erstmal

Laptop ist erstmal weg,da meine Freundin verreist ist und ihn mitgenommen hat.

Sie hat vorhin angerufen und meinte,dass sie keine Youtube-Clips mehr abspielen kann bzw sie kriegt sie zum Laufen,aber sie bleiben immer wieder hängen mit einem knarrenden Geräusch,als würde eine CD beim Spielen hängen bleiben.das gilt übrigens auch für mp3-Dateien,die sich auf der Platte befinden.vor der Konvertierung hatten wir das Problem nicht.wüsstest du da vielleicht Rat?

cosinus · 24.12.2011, 16:31

Wir waren noch nicht durch mit der Bereinigung....wieso nimmt die den einfach so mit wenn wir nich nicht druch waren?

mamt1982 · 24.12.2011, 16:41

Sie muss über die Ferien für eine Präsi recherchieren.ging leider nicht anders.
Hatte gehofft,vor der Abreise alles durchzubekommen,aber die Datensicherung fürs fixen hätte zu lange beansprucht bzw habe ich nur die Hälfte davon geschafft und eine spätere Mitfahrgelegenheit gabs leider nicht

mamt1982 · 24.12.2011, 19:16

Die Bereinigung mal beiseite.kann es denn mit der Konvertierung zu tun haben,dass es Probleme mit Flash Player und dem abspielen von mp3 gibt?
Da ja trotz der nicht kompletten Bereinigung vor der Konvertierung keinerlei probs gab.

24.12.2011, 16:31	#28
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Aus Sicherheitsgründen wurde Ihr Windows-System blockiert... Wir waren noch nicht durch mit der Bereinigung....wieso nimmt die den einfach so mit wenn wir nich nicht druch waren? __________________ Logfiles bitte immer in CODE-Tags posten

Aus Sicherheitsgründen wurde Ihr Windows-System blockiert...

Log-Analyse und Auswertung: Aus Sicherheitsgründen wurde Ihr Windows-System blockiert...