Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Hitman durch Samsung Recovery gestoppt?

Hitman durch Samsung Recovery gestoppt?


Log-Analyse und Auswertung: Hitman durch Samsung Recovery gestoppt?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 30.01.2013, 15:44   #1
Ksiem
 
Hitman durch Samsung Recovery gestoppt? - Icon32

Hitman durch Samsung Recovery gestoppt?


Guten Tag zusammen,
Ich habe folgendes Problem:
Auf dem Laptop meiner Freundin tauchte vorgestern das bekannte Fenster auf sie hätte pornographische Inhalte heruntergeladen und könnte gegen Gebühr entsperrt werden.
Sie zeigte mir das und fragte was das solle. Habe sofort den Lappy "hart" ausgeschaltet und mich
mit meinem eigenen Laptop auf Recherche Tour begeben, da sie ihre Prüfungsunterlagen auf dem guten Stück hat und Backups von vor einem Jahr
Bin hier auf passende Threats gestoßen (Fahndungsfoto müsste auf eine recht neue Version passen soweit ich das in Erinnerung habe) und habe mir Hitman gezogen.

http://www.trojaner-board.de/129891-...te-nichts.html

Leider kam ich schon beim Systemstart nicht weiter, weil Samsung Recovery dazwischen funkt -->Black Screen
Habe mich weiter eingelesen, mich angemeldet und mir die Hinweise usw. angesehen:
Nun also keine eigenmächtigen Schritte mehr von mir und die Bitte um Hilfe


Stats des Lappys meiner Freundin soweit bekannt:
Vista 32 bit
Servicepacks: unbekannt

Ich danke wem auch immer für Tips und Hinweise!
Ksiem

Alt 31.01.2013, 02:52   #2
t'john
/// Helfer-Team
 
Hitman durch Samsung Recovery gestoppt? - Standard

Hitman durch Samsung Recovery gestoppt?




Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten:


Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.
  • Lade OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
  • Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
  • Lege eine leere CD in Deinen Brenner.
  • ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
  • Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
  • Du kannst nun die Fenster des Brennprogramms schließen.
Nun boote von der OTLPE CD. Hinweis: Wie boote ich von CD
  • Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
  • Mache einen Doppelklick auf das OTLPE Icon.
  • Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
  • Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
  • Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
  • Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
  • OTLpe sollte nun starten.
  • Drücke Run Scan, um den Scan zu starten.
  • Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
  • Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
  • Bitte poste den Inhalt von C:\OTL.Txt und Extras.Txt.
__________________

__________________
Alt 31.01.2013, 21:04   #3
Ksiem
 
Hitman durch Samsung Recovery gestoppt? - Standard

Hitman durch Samsung Recovery gestoppt?


Wow... Antwort nachts um 2.30....
Vielen Dank!

Downloade und poste dann hier sobald ich weiter bin.

Vorne weg- klappte nach einem 20 Minütigen Blackscreen erst beim zweiten Versuch zu booten.
Habe dann nur eine otl und keine extra datei bekommen.
Auswahl otlpe bei extra Registry war auf None -habe ich auf Use Safelist gesetzt -nun gabs auch eine Extra Datei...

Inhalt otl.txtOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 1/31/2013 10:26:38 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.09 Gb Total Space | 83.74 Gb Free Space | 58.11% Space Free | Partition Type: NTFS
Drive D: | 144.00 Gb Total Space | 29.88 Gb Free Space | 20.75% Space Free | Partition Type: NTFS
Drive E: | 29.81 Gb Total Space | 29.81 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto] --  -- (XS Stick Service)
SRV - File not found [Auto] --  -- (wudfsvc)
SRV - File not found [Auto] --  -- (wuauserv)
SRV - File not found [Auto] --  -- (WTGService)
SRV - File not found [Auto] --  -- (WSearch)
SRV - File not found [On_Demand] --  -- (WPFFontCache_v0400)
SRV - File not found [Auto] --  -- (WPDBusEnum)
SRV - File not found [On_Demand] --  -- (WPCSvc)
SRV - File not found [Auto] --  -- (WMPNetworkSvc)
SRV - File not found [On_Demand] --  -- (wmiApSrv)
SRV - File not found [Auto] --  -- (wlidsvc)
SRV - File not found [Auto] --  -- (Wlansvc)
SRV - File not found [On_Demand] --  -- (WinRM)
SRV - File not found [Auto] --  -- (Winmgmt)
SRV - File not found [On_Demand] --  -- (WinHttpAutoProxySvc)
SRV - File not found [Auto] --  -- (WerSvc)
SRV - File not found [On_Demand] --  -- (wercplsupport)
SRV - File not found [On_Demand] --  -- (Wecsvc)
SRV - File not found [Auto] --  -- (WebClient)
SRV - File not found [On_Demand] --  -- (WdiSystemHost)
SRV - File not found [On_Demand] --  -- (WdiServiceHost)
SRV - File not found [On_Demand] --  -- (WcsPlugInService)
SRV - File not found [On_Demand] --  -- (wcncsvc)
SRV - File not found [Auto] --  -- (W32Time)
SRV - File not found [On_Demand] --  -- (VSS)
SRV - File not found [On_Demand] --  -- (vds)
SRV - File not found [Auto] --  -- (UxSms)
SRV - File not found [Auto] --  -- (upnphost)
SRV - File not found [On_Demand] --  -- (UI0Detect)
SRV - File not found [On_Demand] --  -- (TrustedInstaller)
SRV - File not found [Auto] --  -- (TrkWks)
SRV - File not found [On_Demand] --  -- (THREADORDER)
SRV - File not found [Auto] --  -- (Themes)
SRV - File not found [Auto] --  -- (TermService)
SRV - File not found [Auto] --  -- (TBS)
SRV - File not found [On_Demand] --  -- (TapiSrv)
SRV - File not found [Auto] --  -- (TabletInputService)
SRV - File not found [Auto] --  -- (SysMain)
SRV - File not found [On_Demand] --  -- (swprv)
SRV - File not found [Auto] --  -- (stisvc)
SRV - File not found [On_Demand] --  -- (SstpSvc)
SRV - File not found [On_Demand] --  -- (SSDPSRV)
SRV - File not found [Auto] --  -- (Spooler)
SRV - File not found [On_Demand] --  -- (SNMPTRAP)
SRV - File not found [On_Demand] --  -- (SLUINotify)
SRV - File not found [Auto] --  -- (slsvc)
SRV - File not found [Auto] --  -- (SkypeUpdate)
SRV - File not found [Auto] --  -- (ShellHWDetection)
SRV - File not found [Disabled] --  -- (SharedAccess)
SRV - File not found [On_Demand] --  -- (SessionEnv)
SRV - File not found [Auto] --  -- (SENS)
SRV - File not found [On_Demand] --  -- (SDRSVC)
SRV - File not found [On_Demand] --  -- (SCPolicySvc)
SRV - File not found [Auto] --  -- (Schedule)
SRV - File not found [On_Demand] --  -- (SCardSvr)
SRV - File not found [Auto] --  -- (SamSs)
SRV - File not found [Auto] --  -- (RpcSs)
SRV - File not found [On_Demand] --  -- (RpcLocator)
SRV - File not found [On_Demand] --  -- (RemoteRegistry)
SRV - File not found [Disabled] --  -- (RemoteAccess)
SRV - File not found [On_Demand] --  -- (RasMan)
SRV - File not found [On_Demand] --  -- (RasAuto)
SRV - File not found [On_Demand] --  -- (ProtectedStorage)
SRV - File not found [Auto] --  -- (ProfSvc)
SRV - File not found [Auto] --  -- (PolicyAgent)
SRV - File not found [On_Demand] --  -- (PNRPsvc)
SRV - File not found [On_Demand] --  -- (PNRPAutoReg)
SRV - File not found [Auto] --  -- (PlugPlay)
SRV - File not found [On_Demand] --  -- (pla)
SRV - File not found [Auto] --  -- (PcaSvc)
SRV - File not found [On_Demand] --  -- (p2psvc)
SRV - File not found [On_Demand] --  -- (p2pimsvc)
SRV - File not found [On_Demand] --  -- (osppsvc)
SRV - File not found [On_Demand] --  -- (ose)
SRV - File not found [Auto] --  -- (nvsvc)
SRV - File not found [Auto] --  -- (nsi)
SRV - File not found [Auto] --  -- (NlaSvc)
SRV - File not found [Disabled] --  -- (NetTcpPortSharing)
SRV - File not found [Auto] --  -- (netprofm)
SRV - File not found [On_Demand] --  -- (Netman)
SRV - File not found [On_Demand] --  -- (Netlogon)
SRV - File not found [On_Demand] --  -- (napagent)
SRV - File not found [On_Demand] --  -- (msiserver)
SRV - File not found [On_Demand] --  -- (MSiSCSI)
SRV - File not found [On_Demand] --  -- (MSDTC)
SRV - File not found [On_Demand] --  -- (MozillaMaintenance)
SRV - File not found [Auto] --  -- (MMCSS)
SRV - File not found [Disabled] --  -- (Mcx2Svc)
SRV - File not found [Auto] --  -- (lmhosts)
SRV - File not found [On_Demand] --  -- (lltdsvc)
SRV - File not found [Auto] --  -- (LanmanWorkstation)
SRV - File not found [Auto] --  -- (LanmanServer)
SRV - File not found [Auto] --  -- (KtmRm)
SRV - File not found [On_Demand] --  -- (KeyIso)
SRV - File not found [Auto] --  -- (IPBusEnum)
SRV - File not found [Auto] --  -- (IKEEXT)
SRV - File not found [On_Demand] --  -- (idsvc)
SRV - File not found [On_Demand] --  -- (hkmsvc)
SRV - File not found [Auto] --  -- (hidserv)
SRV - File not found [On_Demand] --  -- (gupdatem) Google Update-Dienst (gupdatem)
SRV - File not found [Auto] --  -- (gupdate) Google Update-Dienst (gupdate)
SRV - File not found [Auto] --  -- (gpsvc)
SRV - File not found [On_Demand] --  -- (FontCache3.0.0.0)
SRV - File not found [Auto] --  -- (FontCache)
SRV - File not found [Auto] --  -- (FDResPub)
SRV - File not found [On_Demand] --  -- (fdPHost)
SRV - File not found [Auto] --  -- (EventSystem)
SRV - File not found [Auto] --  -- (Eventlog)
SRV - File not found [Auto] --  -- (EMDMgmt)
SRV - File not found [Auto] --  -- (ehstart)
SRV - File not found [On_Demand] --  -- (ehSched)
SRV - File not found [On_Demand] --  -- (ehRecvr)
SRV - File not found [On_Demand] --  -- (EapHost)
SRV - File not found [Auto] --  -- (DPS)
SRV - File not found [On_Demand] --  -- (dot3svc)
SRV - File not found [Auto] --  -- (Dnscache)
SRV - File not found [Auto] --  -- (Dhcp)
SRV - File not found [On_Demand] --  -- (DFSR)
SRV - File not found [Auto] --  -- (DcomLaunch)
SRV - File not found [Auto] --  -- (CryptSvc)
SRV - File not found [On_Demand] --  -- (COMSysApp)
SRV - File not found [Auto] --  -- (clr_optimization_v4.0.30319_32)
SRV - File not found [Disabled] --  -- (clr_optimization_v2.0.50727_32)
SRV - File not found [On_Demand] --  -- (CertPropSvc)
SRV - File not found [Auto] --  -- (Browser)
SRV - File not found [On_Demand] --  -- (Boonty Games)
SRV - File not found [Auto] --  -- (Bonjour Service)
SRV - File not found [Auto] --  -- (BITS)
SRV - File not found [Disabled] --  -- (BFE)
SRV - File not found [Auto] --  -- (Audiosrv)
SRV - File not found [Auto] --  -- (AudioEndpointBuilder)
SRV - File not found [Auto] --  -- (Apple Mobile Device)
SRV - File not found [On_Demand] --  -- (Appinfo)
SRV - File not found [Disabled] --  -- (AntiVirService)
SRV - File not found [Auto] --  -- (AntiVirSchedulerService)
SRV - File not found [On_Demand] --  -- (ALG)
SRV - File not found [Auto] --  -- (AeLookupSvc)
SRV - File not found [On_Demand] --  -- (AdobeFlashPlayerUpdateSvc)
SRV - File not found [Auto] --  -- (AdobeARMservice)
SRV - [2008/01/20 21:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2008/01/20 21:23:31 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2008/01/20 21:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/20 21:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (yukonwlh)
DRV - File not found [Kernel | On_Demand] --  -- (WUDFRd)
DRV - File not found [Kernel | On_Demand] --  -- (WudfPf)
DRV - File not found [Kernel | On_Demand] --  -- (WSDPrintDevice)
DRV - File not found [Kernel | On_Demand] --  -- (WpdUsb)
DRV - File not found [Kernel | On_Demand] --  -- (winusb)
DRV - File not found [Adapter | On_Demand] --  -- (Winsock)
DRV - File not found [Kernel | Boot] --  -- (Wdf01000)
DRV - File not found [Kernel | System] --  -- (Wanarpv6)
DRV - File not found [Kernel | On_Demand] --  -- (Wanarp)
DRV - File not found [Kernel | On_Demand] --  -- (VsmRWDriver)
DRV - File not found [Kernel | Boot] --  -- (volsnap)
DRV - File not found [Kernel | Boot] --  -- (volmgrx)
DRV - File not found [Kernel | Boot] --  -- (volmgr)
DRV - File not found [Kernel | On_Demand] --  -- (viaagp)
DRV - File not found [Kernel | System] --  -- (VgaSave)
DRV - File not found [Kernel | On_Demand] --  -- (vga)
DRV - File not found [Kernel | On_Demand] --  -- (usbvideo) USB-Videogerät (WDM)
DRV - File not found [Kernel | On_Demand] --  -- (usbuhci)
DRV - File not found [Kernel | On_Demand] --  -- (USBSTOR)
DRV - File not found [Kernel | On_Demand] --  -- (usbprint)
DRV - File not found [Kernel | On_Demand] --  -- (usbhub)
DRV - File not found [Kernel | On_Demand] --  -- (usbehci)
DRV - File not found [Kernel | On_Demand] --  -- (usbccgp)
DRV - File not found [Kernel | On_Demand] --  -- (usb_rndisx)
DRV - File not found [Kernel | On_Demand] --  -- (umbus)
DRV - File not found [Kernel | On_Demand] --  -- (uliagpkx)
DRV - File not found [Kernel | On_Demand] --  -- (uagp35)
DRV - File not found [Kernel | On_Demand] --  -- (tunnel)
DRV - File not found [Kernel | On_Demand] --  -- (tunmp)
DRV - File not found [Kernel | On_Demand] --  -- (tssecsrv)
DRV - File not found [Kernel | System] --  -- (TermDD)
DRV - File not found [Kernel | System] --  -- (tdx)
DRV - File not found [Kernel | On_Demand] --  -- (TDTCP)
DRV - File not found [Kernel | On_Demand] --  -- (TDPIPE)
DRV - File not found [Kernel | Auto] --  -- (tcpipreg)
DRV - File not found [Kernel | On_Demand] --  -- (Tcpip6)
DRV - File not found [Kernel | Boot] --  -- (Tcpip)
DRV - File not found [Kernel | On_Demand] --  -- (SynTP)
DRV - File not found [Kernel | On_Demand] --  -- (swenum)
DRV - File not found [Kernel | On_Demand] --  -- (StillCam)
DRV - File not found [File_System | System] --  -- (StarOpen)
DRV - File not found [Kernel | System] --  -- (ssmdrv)
DRV - File not found [File_System | On_Demand] --  -- (srvnet)
DRV - File not found [File_System | On_Demand] --  -- (srv2)
DRV - File not found [File_System | On_Demand] --  -- (srv)
DRV - File not found [Kernel | Boot] --  -- (sptd)
DRV - File not found [Kernel | Boot] --  -- (spldr)
DRV - File not found [Kernel | System] --  -- (Smb)
DRV - File not found [Kernel | On_Demand] --  -- (sisagp)
DRV - File not found [Kernel | On_Demand] --  -- (sffp_sd)
DRV - File not found [Kernel | On_Demand] --  -- (sffp_mmc)
DRV - File not found [Kernel | On_Demand] --  -- (Serial)
DRV - File not found [Kernel | On_Demand] --  -- (Serenum)
DRV - File not found [Kernel | Auto] --  -- (secdrv)
DRV - File not found [Kernel | Auto] --  -- (rspndr)
DRV - File not found [Kernel | On_Demand] --  -- (RDPWD)
DRV - File not found [Kernel | System] --  -- (RDPENCDD)
DRV - File not found [Kernel | System] --  -- (RDPCDD)
DRV - File not found [File_System | System] --  -- (rdbss)
DRV - File not found [Kernel | On_Demand] --  -- (RasSstp)
DRV - File not found [Kernel | On_Demand] --  -- (RasPppoe)
DRV - File not found [Kernel | On_Demand] --  -- (Rasl2tp)
DRV - File not found [Kernel | System] --  -- (RasAcd)
DRV - File not found [Kernel | On_Demand] --  -- (QWAVEdrv)
DRV - File not found [Kernel | System] --  -- (PSched)
DRV - File not found [Kernel | On_Demand] --  -- (PptpMiniport)
DRV - File not found [Kernel | Auto] --  -- (PEAUTH)
DRV - File not found [Kernel | Boot] --  -- (pci)
DRV - File not found [Kernel | Auto] --  -- (Parvdm)
DRV - File not found [Kernel | Boot] --  -- (partmgr)
DRV - File not found [Kernel | On_Demand] --  -- (Parport)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (nvlddmkm)
DRV - File not found [Kernel | On_Demand] --  -- (NVHDA)
DRV - File not found [Kernel | On_Demand] --  -- (nv_agp)
DRV - File not found [Kernel | System] --  -- (Null)
DRV - File not found [File_System | On_Demand] --  -- (Ntfs)
DRV - File not found [Kernel | System] --  -- (nsiproxy)
DRV - File not found [File_System | System] --  -- (Npfs)
DRV - File not found [Kernel | On_Demand] --  -- (NETw5v32) Intel(R)
DRV - File not found [Kernel | System] --  -- (netbt)
DRV - File not found [File_System | System] --  -- (NetBIOS)
DRV - File not found [Kernel | On_Demand] --  -- (NDProxy)
DRV - File not found [Kernel | On_Demand] --  -- (NdisWan)
DRV - File not found [Kernel | On_Demand] --  -- (Ndisuio)
DRV - File not found [Kernel | On_Demand] --  -- (NdisTapi)
DRV - File not found [Kernel | Boot] --  -- (NDIS)
DRV - File not found [Kernel | On_Demand] --  -- (NativeWifiP)
DRV - File not found [File_System | Boot] --  -- (Mup)
DRV - File not found [Kernel | On_Demand] --  -- (MSTEE)
DRV - File not found [Kernel | On_Demand] --  -- (mssmbios)
DRV - File not found [Kernel | On_Demand] --  -- (MsRPC)
DRV - File not found [Kernel | On_Demand] --  -- (MSPQM)
DRV - File not found [Kernel | On_Demand] --  -- (MSPCLOCK)
DRV - File not found [Kernel | On_Demand] --  -- (MSKSSRV)
DRV - File not found [Kernel | Boot] --  -- (msisadrv)
DRV - File not found [File_System | System] --  -- (Msfs)
DRV - File not found [Kernel | Boot] --  -- (msahci)
DRV - File not found [File_System | On_Demand] --  -- (mrxsmb20)
DRV - File not found [File_System | On_Demand] --  -- (mrxsmb10)
DRV - File not found [File_System | On_Demand] --  -- (mrxsmb)
DRV - File not found [File_System | On_Demand] --  -- (MRxDAV)
DRV - File not found [Kernel | On_Demand] --  -- (mpsdrv)
DRV - File not found [Kernel | Boot] --  -- (MountMgr)
DRV - File not found [Kernel | On_Demand] --  -- (mouhid)
DRV - File not found [Kernel | System] --  -- (mouclass)
DRV - File not found [Kernel | On_Demand] --  -- (monitor)
DRV - File not found [Kernel | On_Demand] --  -- (Modem)
DRV - File not found [File_System | Auto] --  -- (luafv)
DRV - File not found [Kernel | Auto] --  -- (lltdio)
DRV - File not found [Kernel | Auto] --  -- (lirsgt)
DRV - File not found [Kernel | Boot] --  -- (KSecDD)
DRV - File not found [Kernel | System] --  -- (kbdhid)
DRV - File not found [Kernel | System] --  -- (kbdclass)
DRV - File not found [Kernel | On_Demand] --  -- (iScsiPrt)
DRV - File not found [Kernel | On_Demand] --  -- (IRENUM)
DRV - File not found [Kernel | On_Demand] --  -- (IPNAT)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - File not found [Kernel | On_Demand] --  -- (IpFilterDriver)
DRV - File not found [Kernel | On_Demand] --  -- (intelppm)
DRV - File not found [Kernel | System] --  -- (i8042prt)
DRV - File not found [Kernel | On_Demand] --  -- (HTTP)
DRV - File not found [Kernel | On_Demand] --  -- (HidUsb)
DRV - File not found [Kernel | On_Demand] --  -- (HDAudBus)
DRV - File not found [Kernel | On_Demand] --  -- (HdAudAddService)
DRV - File not found [Kernel | On_Demand] --  -- (gagp30kx)
DRV - File not found [Recognizer | System] --  -- (Fs_Rec)
DRV - File not found [File_System | Boot] --  -- (FltMgr)
DRV - File not found [File_System | On_Demand] --  -- (Filetrace)
DRV - File not found [File_System | Boot] --  -- (FileInfo)
DRV - File not found [File_System | On_Demand] --  -- (fastfat)
DRV - File not found [File_System | On_Demand] --  -- (exfat)
DRV - File not found [Kernel | Boot] --  -- (Ecache)
DRV - File not found [Kernel | On_Demand] --  -- (E1G60) Intel(R)
DRV - File not found [Kernel | On_Demand] --  -- (DXGKrnl)
DRV - File not found [Kernel | On_Demand] --  -- (drmkaud)
DRV - File not found [Kernel | Boot] --  -- (disk)
DRV - File not found [File_System | System] --  -- (DfsC)
DRV - File not found [Kernel | Boot] --  -- (crcdisk)
DRV - File not found [Kernel | Boot] --  -- (Compbatt)
DRV - File not found [Kernel | On_Demand] --  -- (cmnsusbser)
DRV - File not found [Kernel | On_Demand] --  -- (CmBatt)
DRV - File not found [Kernel | Boot] --  -- (CLFS) Common Log (CLFS)
DRV - File not found [Kernel | System] --  -- (cdrom)
DRV - File not found [Kernel | On_Demand] --  -- (BrUsbSer)
DRV - File not found [Kernel | On_Demand] --  -- (BrFiltUp)
DRV - File not found [Kernel | On_Demand] --  -- (BrFiltLo)
DRV - File not found [File_System | On_Demand] --  -- (bowser)
DRV - File not found [Kernel | System] --  -- (Beep)
DRV - File not found [Kernel | System] --  -- (avkmgr)
DRV - File not found [Kernel | System] --  -- (avipbb)
DRV - File not found [Kernel | Auto] --  -- (atksgt)
DRV - File not found [Kernel | Boot] --  -- (atapi)
DRV - File not found [Kernel | On_Demand] --  -- (AsyncMac)
DRV - File not found [Kernel | On_Demand] --  -- (amdagp)
DRV - File not found [Kernel | On_Demand] --  -- (agp440)
DRV - File not found [Kernel | System] --  -- (AFD)
DRV - File not found [Kernel | Boot] --  -- (ACPI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Gast_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} -  File not found
IE - HKU\Gast_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} -  File not found
 
IE - HKU\Mel_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = SPIEGEL ONLINE - Nachrichten
IE - HKU\Mel_ON_D\Software\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\Mel_ON_D\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Mel_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} -  File not found
IE - HKU\Mel_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Mel_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\NetworkService_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} -  File not found
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
 
Hosts file not found
O2 - BHO: (flvdome) - {18b882fe-56fa-0f27-68f5-0f7df0f34f38} -  File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -  File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} -  File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} -  File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  File not found
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} -  File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} -  File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -  File not found
O3 - HKU\Mel_ON_D\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM]  File not found
O4 - HKLM..\Run: [avgnt]  File not found
O4 - HKLM..\Run: [DivXUpdate]  File not found
O4 - HKLM..\Run: [HP Software Update]  File not found
O4 - HKLM..\Run: [NeroCheck]  File not found
O4 - HKLM..\Run: [NvCplDaemon]  File not found
O4 - HKLM..\Run: [NvMediaCenter]  File not found
O4 - HKLM..\Run: [QuickTime Task]  File not found
O4 - HKLM..\Run: [starter4g]  File not found
O4 - HKLM..\Run: [SunJavaUpdateSched]  File not found
O4 - HKLM..\Run: [SynTPEnh]  File not found
O4 - HKLM..\Run: [Windows Mobile-based device management] D:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\Gast_ON_D..\Run: [Sidebar]  File not found
O4 - HKU\LocalService_ON_D..\Run: [Sidebar]  File not found
O4 - HKU\LocalService_ON_D..\Run: [WindowsWelcomeCenter]  File not found
O4 - HKU\Mel_ON_D..\Run: [DAEMON Tools Lite]  File not found
O4 - HKU\Mel_ON_D..\Run: [EmbMachineComms.exe]  File not found
O4 - HKU\Mel_ON_D..\Run: [HP Officejet Pro 8600 (NET)]  File not found
O4 - HKU\Mel_ON_D..\Run: [icq]  File not found
O4 - HKU\Mel_ON_D..\Run: [Sidebar]  File not found
O4 - HKU\Mel_ON_D..\Run: [SpybotSD TeaTimer]  File not found
O4 - HKU\Mel_ON_D..\Run: [WMPNSCFG]  File not found
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar]  File not found
O4 - HKU\NetworkService_ON_D..\Run: [WindowsWelcomeCenter]  File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} -  File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} -  File not found
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -  File not found
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -  File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 -  File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} -  File not found
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} -  File not found
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} -  File not found
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} -  File not found
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -  File not found
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} -  File not found
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} -  File not found
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} -  File not found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} -  File not found
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} -  File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  File not found
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} -  File not found
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -  File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  File not found
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} -  File not found
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} -  File not found
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -  File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -  File not found
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -  File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -  File not found
O20 - HKU\Mel_ON_D Winlogon: Shell - (explorer.exe) -  File not found
O20 - HKU\Mel_ON_D Winlogon: Shell - (C:\Users\Mel\AppData\Roaming\skype.dat) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  File not found
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon -  File not found
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O29 - HKLM SecurityProviders - (credssp.dll) -  File not found
O30 - LSA: Authentication Packages - (msv1_0) -  File not found
O30 - LSA: Security Packages - (kerberos) -  File not found
O30 - LSA: Security Packages - (msv1_0) -  File not found
O30 - LSA: Security Packages - (schannel) -  File not found
O30 - LSA: Security Packages - (wdigest) -  File not found
O30 - LSA: Security Packages - (tspkg) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
 
========== Files - Modified Within 30 Days ==========
 
 
========== Files Created - No Company Name ==========
 
 
========== LOP Check ==========
 
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---


Inhalt Extras.txt

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 1/31/2013 10:26:39 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.09 Gb Total Space | 83.74 Gb Free Space | 58.11% Space Free | Partition Type: NTFS
Drive D: | 144.00 Gb Total Space | 29.88 Gb Free Space | 20.75% Space Free | Partition Type: NTFS
Drive E: | 29.81 Gb Total Space | 29.81 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- %SystemRoot%\System32\control.exe "%1",%*
.hlp [@ = hlpfile] -- %SystemRoot%\winhlp32.exe %1
.hta [@ = htafile] -- C:\Windows\system32\mshta.exe "%1" %*
.html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
.inf [@ = inffile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.ini [@ = inifile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.reg [@ = regfile] -- regedit.exe "%1"
.txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.vbe [@ = VBEFile] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
.vbs [@ = VBSFile] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
.wsf [@ = WSFFile] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
.wsh [@ = WSHFile] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1"
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1"
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1"
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1"
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L
Drive [find] -- %SystemRoot%\Explorer.exe
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe"
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A138994-04B3-4AE2-AB89-74B818AFB1B3}" = Samsung PC Studio 3
"{1D619FC4-4F88-406C-9E78-B948BFC998FA}" = AtlantisQuest
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2C26B97F-698E-4E04-B398-8203B147859B}_is1" = TOPP Vorlagen-Druckstudio (5156)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7730D510-6DE2-4CD4-8F58-0B04680AEFE6}" = Mysteryville 2
"{7DEC2F16-99AF-4DF2-9468-AC3D20CA7CC4}" = Revolution Dreamcard Player
"{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8DD32D05-002D-4771-94F4-5E91377A402C}" = 5D Embroidery Machine Communication
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{915431C1-6023-4330-A111-5B7A5521E9D7}_is1" = TOPP Vorlagen-Druckstudio (5641)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95DE5A0D-DA93-40B2-BD6E-F0F8698BA2D7}" = 5D 32-bit VSM Device Drivers 8.2
"{98D64F70-1BE2-4E06-A58E-50FF642B3F24}" = HP Officejet Pro 8600 - Grundlegende Software für das Gerät
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AA179F5-EAE2-4997-B03E-989068643DBF}" = Brickshooter Egypt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A33598C4-1357-4A71-B322-BE6F1DFBBF5A}" = MagicMaps Tour Explorer Deutschland Demo
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}" = HP Officejet Pro 8600 Hilfe
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF26A5F6-6760-495B-AE45-E7B37A3836A1}" = passt
"1t_xZGA-j__N" = LoudMo Contextual Ad Assistant
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"Audiograbber" = Audiograbber 1.83 SE 
"Avira AntiVir Desktop" = Avira Free Antivirus
"Broken Sword 2.5_is1" = Broken Sword 2.5
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner
"CellFiver_is1" = CellFiver
"Clever" = Clever
"Der Stein der Weisen" = Der Stein der Weisen
"DivX Setup" = DivX-Setup
"Free FLV Converter_is1" = Free FLV Converter V 6.7.4
"Luxor 2_is1" = Luxor 2 en
"Luxor 3" = Luxor 3
"MagicJewels" = MagicJewels (remove only)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PhotoStitch" = Canon Utilities PhotoStitch
"PirateVille" = PirateVille
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TheLastRipper" = TheLastRipper 1.4
"Treasures Of Mystery Island" = Treasures Of Mystery Island
"Um die Welt in 80 Tagen_is1" = Um die Welt in 80 Tagen 1.0
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp
"XSManager" = XSManager
"YTdetect" = Yahoo! Detect
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Mel_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ActiveTouchMeetingClient" = Cisco WebEx Meetings
"ICQ" = ICQ 8.0 (build 5981, für aktuellen Benutzer)
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
< End of report >
--- --- ---

Vorne weg- klappte nach einem 20 Minütigen Blackscreen erst beim zweiten Versuch zu booten.
Habe dann nur eine otl und keine extra datei bekommen.
Auswahl otlpe bei extra Registry war auf None -habe ich auf Use Safelist gesetzt -nun gabs auch eine Extra Datei...

Inhalt otl.txtOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 1/31/2013 10:26:38 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.09 Gb Total Space | 83.74 Gb Free Space | 58.11% Space Free | Partition Type: NTFS
Drive D: | 144.00 Gb Total Space | 29.88 Gb Free Space | 20.75% Space Free | Partition Type: NTFS
Drive E: | 29.81 Gb Total Space | 29.81 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto] --  -- (XS Stick Service)
SRV - File not found [Auto] --  -- (wudfsvc)
SRV - File not found [Auto] --  -- (wuauserv)
SRV - File not found [Auto] --  -- (WTGService)
SRV - File not found [Auto] --  -- (WSearch)
SRV - File not found [On_Demand] --  -- (WPFFontCache_v0400)
SRV - File not found [Auto] --  -- (WPDBusEnum)
SRV - File not found [On_Demand] --  -- (WPCSvc)
SRV - File not found [Auto] --  -- (WMPNetworkSvc)
SRV - File not found [On_Demand] --  -- (wmiApSrv)
SRV - File not found [Auto] --  -- (wlidsvc)
SRV - File not found [Auto] --  -- (Wlansvc)
SRV - File not found [On_Demand] --  -- (WinRM)
SRV - File not found [Auto] --  -- (Winmgmt)
SRV - File not found [On_Demand] --  -- (WinHttpAutoProxySvc)
SRV - File not found [Auto] --  -- (WerSvc)
SRV - File not found [On_Demand] --  -- (wercplsupport)
SRV - File not found [On_Demand] --  -- (Wecsvc)
SRV - File not found [Auto] --  -- (WebClient)
SRV - File not found [On_Demand] --  -- (WdiSystemHost)
SRV - File not found [On_Demand] --  -- (WdiServiceHost)
SRV - File not found [On_Demand] --  -- (WcsPlugInService)
SRV - File not found [On_Demand] --  -- (wcncsvc)
SRV - File not found [Auto] --  -- (W32Time)
SRV - File not found [On_Demand] --  -- (VSS)
SRV - File not found [On_Demand] --  -- (vds)
SRV - File not found [Auto] --  -- (UxSms)
SRV - File not found [Auto] --  -- (upnphost)
SRV - File not found [On_Demand] --  -- (UI0Detect)
SRV - File not found [On_Demand] --  -- (TrustedInstaller)
SRV - File not found [Auto] --  -- (TrkWks)
SRV - File not found [On_Demand] --  -- (THREADORDER)
SRV - File not found [Auto] --  -- (Themes)
SRV - File not found [Auto] --  -- (TermService)
SRV - File not found [Auto] --  -- (TBS)
SRV - File not found [On_Demand] --  -- (TapiSrv)
SRV - File not found [Auto] --  -- (TabletInputService)
SRV - File not found [Auto] --  -- (SysMain)
SRV - File not found [On_Demand] --  -- (swprv)
SRV - File not found [Auto] --  -- (stisvc)
SRV - File not found [On_Demand] --  -- (SstpSvc)
SRV - File not found [On_Demand] --  -- (SSDPSRV)
SRV - File not found [Auto] --  -- (Spooler)
SRV - File not found [On_Demand] --  -- (SNMPTRAP)
SRV - File not found [On_Demand] --  -- (SLUINotify)
SRV - File not found [Auto] --  -- (slsvc)
SRV - File not found [Auto] --  -- (SkypeUpdate)
SRV - File not found [Auto] --  -- (ShellHWDetection)
SRV - File not found [Disabled] --  -- (SharedAccess)
SRV - File not found [On_Demand] --  -- (SessionEnv)
SRV - File not found [Auto] --  -- (SENS)
SRV - File not found [On_Demand] --  -- (SDRSVC)
SRV - File not found [On_Demand] --  -- (SCPolicySvc)
SRV - File not found [Auto] --  -- (Schedule)
SRV - File not found [On_Demand] --  -- (SCardSvr)
SRV - File not found [Auto] --  -- (SamSs)
SRV - File not found [Auto] --  -- (RpcSs)
SRV - File not found [On_Demand] --  -- (RpcLocator)
SRV - File not found [On_Demand] --  -- (RemoteRegistry)
SRV - File not found [Disabled] --  -- (RemoteAccess)
SRV - File not found [On_Demand] --  -- (RasMan)
SRV - File not found [On_Demand] --  -- (RasAuto)
SRV - File not found [On_Demand] --  -- (ProtectedStorage)
SRV - File not found [Auto] --  -- (ProfSvc)
SRV - File not found [Auto] --  -- (PolicyAgent)
SRV - File not found [On_Demand] --  -- (PNRPsvc)
SRV - File not found [On_Demand] --  -- (PNRPAutoReg)
SRV - File not found [Auto] --  -- (PlugPlay)
SRV - File not found [On_Demand] --  -- (pla)
SRV - File not found [Auto] --  -- (PcaSvc)
SRV - File not found [On_Demand] --  -- (p2psvc)
SRV - File not found [On_Demand] --  -- (p2pimsvc)
SRV - File not found [On_Demand] --  -- (osppsvc)
SRV - File not found [On_Demand] --  -- (ose)
SRV - File not found [Auto] --  -- (nvsvc)
SRV - File not found [Auto] --  -- (nsi)
SRV - File not found [Auto] --  -- (NlaSvc)
SRV - File not found [Disabled] --  -- (NetTcpPortSharing)
SRV - File not found [Auto] --  -- (netprofm)
SRV - File not found [On_Demand] --  -- (Netman)
SRV - File not found [On_Demand] --  -- (Netlogon)
SRV - File not found [On_Demand] --  -- (napagent)
SRV - File not found [On_Demand] --  -- (msiserver)
SRV - File not found [On_Demand] --  -- (MSiSCSI)
SRV - File not found [On_Demand] --  -- (MSDTC)
SRV - File not found [On_Demand] --  -- (MozillaMaintenance)
SRV - File not found [Auto] --  -- (MMCSS)
SRV - File not found [Disabled] --  -- (Mcx2Svc)
SRV - File not found [Auto] --  -- (lmhosts)
SRV - File not found [On_Demand] --  -- (lltdsvc)
SRV - File not found [Auto] --  -- (LanmanWorkstation)
SRV - File not found [Auto] --  -- (LanmanServer)
SRV - File not found [Auto] --  -- (KtmRm)
SRV - File not found [On_Demand] --  -- (KeyIso)
SRV - File not found [Auto] --  -- (IPBusEnum)
SRV - File not found [Auto] --  -- (IKEEXT)
SRV - File not found [On_Demand] --  -- (idsvc)
SRV - File not found [On_Demand] --  -- (hkmsvc)
SRV - File not found [Auto] --  -- (hidserv)
SRV - File not found [On_Demand] --  -- (gupdatem) Google Update-Dienst (gupdatem)
SRV - File not found [Auto] --  -- (gupdate) Google Update-Dienst (gupdate)
SRV - File not found [Auto] --  -- (gpsvc)
SRV - File not found [On_Demand] --  -- (FontCache3.0.0.0)
SRV - File not found [Auto] --  -- (FontCache)
SRV - File not found [Auto] --  -- (FDResPub)
SRV - File not found [On_Demand] --  -- (fdPHost)
SRV - File not found [Auto] --  -- (EventSystem)
SRV - File not found [Auto] --  -- (Eventlog)
SRV - File not found [Auto] --  -- (EMDMgmt)
SRV - File not found [Auto] --  -- (ehstart)
SRV - File not found [On_Demand] --  -- (ehSched)
SRV - File not found [On_Demand] --  -- (ehRecvr)
SRV - File not found [On_Demand] --  -- (EapHost)
SRV - File not found [Auto] --  -- (DPS)
SRV - File not found [On_Demand] --  -- (dot3svc)
SRV - File not found [Auto] --  -- (Dnscache)
SRV - File not found [Auto] --  -- (Dhcp)
SRV - File not found [On_Demand] --  -- (DFSR)
SRV - File not found [Auto] --  -- (DcomLaunch)
SRV - File not found [Auto] --  -- (CryptSvc)
SRV - File not found [On_Demand] --  -- (COMSysApp)
SRV - File not found [Auto] --  -- (clr_optimization_v4.0.30319_32)
SRV - File not found [Disabled] --  -- (clr_optimization_v2.0.50727_32)
SRV - File not found [On_Demand] --  -- (CertPropSvc)
SRV - File not found [Auto] --  -- (Browser)
SRV - File not found [On_Demand] --  -- (Boonty Games)
SRV - File not found [Auto] --  -- (Bonjour Service)
SRV - File not found [Auto] --  -- (BITS)
SRV - File not found [Disabled] --  -- (BFE)
SRV - File not found [Auto] --  -- (Audiosrv)
SRV - File not found [Auto] --  -- (AudioEndpointBuilder)
SRV - File not found [Auto] --  -- (Apple Mobile Device)
SRV - File not found [On_Demand] --  -- (Appinfo)
SRV - File not found [Disabled] --  -- (AntiVirService)
SRV - File not found [Auto] --  -- (AntiVirSchedulerService)
SRV - File not found [On_Demand] --  -- (ALG)
SRV - File not found [Auto] --  -- (AeLookupSvc)
SRV - File not found [On_Demand] --  -- (AdobeFlashPlayerUpdateSvc)
SRV - File not found [Auto] --  -- (AdobeARMservice)
SRV - [2008/01/20 21:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2008/01/20 21:23:31 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2008/01/20 21:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/20 21:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (yukonwlh)
DRV - File not found [Kernel | On_Demand] --  -- (WUDFRd)
DRV - File not found [Kernel | On_Demand] --  -- (WudfPf)
DRV - File not found [Kernel | On_Demand] --  -- (WSDPrintDevice)
DRV - File not found [Kernel | On_Demand] --  -- (WpdUsb)
DRV - File not found [Kernel | On_Demand] --  -- (winusb)
DRV - File not found [Adapter | On_Demand] --  -- (Winsock)
DRV - File not found [Kernel | Boot] --  -- (Wdf01000)
DRV - File not found [Kernel | System] --  -- (Wanarpv6)
DRV - File not found [Kernel | On_Demand] --  -- (Wanarp)
DRV - File not found [Kernel | On_Demand] --  -- (VsmRWDriver)
DRV - File not found [Kernel | Boot] --  -- (volsnap)
DRV - File not found [Kernel | Boot] --  -- (volmgrx)
DRV - File not found [Kernel | Boot] --  -- (volmgr)
DRV - File not found [Kernel | On_Demand] --  -- (viaagp)
DRV - File not found [Kernel | System] --  -- (VgaSave)
DRV - File not found [Kernel | On_Demand] --  -- (vga)
DRV - File not found [Kernel | On_Demand] --  -- (usbvideo) USB-Videogerät (WDM)
DRV - File not found [Kernel | On_Demand] --  -- (usbuhci)
DRV - File not found [Kernel | On_Demand] --  -- (USBSTOR)
DRV - File not found [Kernel | On_Demand] --  -- (usbprint)
DRV - File not found [Kernel | On_Demand] --  -- (usbhub)
DRV - File not found [Kernel | On_Demand] --  -- (usbehci)
DRV - File not found [Kernel | On_Demand] --  -- (usbccgp)
DRV - File not found [Kernel | On_Demand] --  -- (usb_rndisx)
DRV - File not found [Kernel | On_Demand] --  -- (umbus)
DRV - File not found [Kernel | On_Demand] --  -- (uliagpkx)
DRV - File not found [Kernel | On_Demand] --  -- (uagp35)
DRV - File not found [Kernel | On_Demand] --  -- (tunnel)
DRV - File not found [Kernel | On_Demand] --  -- (tunmp)
DRV - File not found [Kernel | On_Demand] --  -- (tssecsrv)
DRV - File not found [Kernel | System] --  -- (TermDD)
DRV - File not found [Kernel | System] --  -- (tdx)
DRV - File not found [Kernel | On_Demand] --  -- (TDTCP)
DRV - File not found [Kernel | On_Demand] --  -- (TDPIPE)
DRV - File not found [Kernel | Auto] --  -- (tcpipreg)
DRV - File not found [Kernel | On_Demand] --  -- (Tcpip6)
DRV - File not found [Kernel | Boot] --  -- (Tcpip)
DRV - File not found [Kernel | On_Demand] --  -- (SynTP)
DRV - File not found [Kernel | On_Demand] --  -- (swenum)
DRV - File not found [Kernel | On_Demand] --  -- (StillCam)
DRV - File not found [File_System | System] --  -- (StarOpen)
DRV - File not found [Kernel | System] --  -- (ssmdrv)
DRV - File not found [File_System | On_Demand] --  -- (srvnet)
DRV - File not found [File_System | On_Demand] --  -- (srv2)
DRV - File not found [File_System | On_Demand] --  -- (srv)
DRV - File not found [Kernel | Boot] --  -- (sptd)
DRV - File not found [Kernel | Boot] --  -- (spldr)
DRV - File not found [Kernel | System] --  -- (Smb)
DRV - File not found [Kernel | On_Demand] --  -- (sisagp)
DRV - File not found [Kernel | On_Demand] --  -- (sffp_sd)
DRV - File not found [Kernel | On_Demand] --  -- (sffp_mmc)
DRV - File not found [Kernel | On_Demand] --  -- (Serial)
DRV - File not found [Kernel | On_Demand] --  -- (Serenum)
DRV - File not found [Kernel | Auto] --  -- (secdrv)
DRV - File not found [Kernel | Auto] --  -- (rspndr)
DRV - File not found [Kernel | On_Demand] --  -- (RDPWD)
DRV - File not found [Kernel | System] --  -- (RDPENCDD)
DRV - File not found [Kernel | System] --  -- (RDPCDD)
DRV - File not found [File_System | System] --  -- (rdbss)
DRV - File not found [Kernel | On_Demand] --  -- (RasSstp)
DRV - File not found [Kernel | On_Demand] --  -- (RasPppoe)
DRV - File not found [Kernel | On_Demand] --  -- (Rasl2tp)
DRV - File not found [Kernel | System] --  -- (RasAcd)
DRV - File not found [Kernel | On_Demand] --  -- (QWAVEdrv)
DRV - File not found [Kernel | System] --  -- (PSched)
DRV - File not found [Kernel | On_Demand] --  -- (PptpMiniport)
DRV - File not found [Kernel | Auto] --  -- (PEAUTH)
DRV - File not found [Kernel | Boot] --  -- (pci)
DRV - File not found [Kernel | Auto] --  -- (Parvdm)
DRV - File not found [Kernel | Boot] --  -- (partmgr)
DRV - File not found [Kernel | On_Demand] --  -- (Parport)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (nvlddmkm)
DRV - File not found [Kernel | On_Demand] --  -- (NVHDA)
DRV - File not found [Kernel | On_Demand] --  -- (nv_agp)
DRV - File not found [Kernel | System] --  -- (Null)
DRV - File not found [File_System | On_Demand] --  -- (Ntfs)
DRV - File not found [Kernel | System] --  -- (nsiproxy)
DRV - File not found [File_System | System] --  -- (Npfs)
DRV - File not found [Kernel | On_Demand] --  -- (NETw5v32) Intel(R)
DRV - File not found [Kernel | System] --  -- (netbt)
DRV - File not found [File_System | System] --  -- (NetBIOS)
DRV - File not found [Kernel | On_Demand] --  -- (NDProxy)
DRV - File not found [Kernel | On_Demand] --  -- (NdisWan)
DRV - File not found [Kernel | On_Demand] --  -- (Ndisuio)
DRV - File not found [Kernel | On_Demand] --  -- (NdisTapi)
DRV - File not found [Kernel | Boot] --  -- (NDIS)
DRV - File not found [Kernel | On_Demand] --  -- (NativeWifiP)
DRV - File not found [File_System | Boot] --  -- (Mup)
DRV - File not found [Kernel | On_Demand] --  -- (MSTEE)
DRV - File not found [Kernel | On_Demand] --  -- (mssmbios)
DRV - File not found [Kernel | On_Demand] --  -- (MsRPC)
DRV - File not found [Kernel | On_Demand] --  -- (MSPQM)
DRV - File not found [Kernel | On_Demand] --  -- (MSPCLOCK)
DRV - File not found [Kernel | On_Demand] --  -- (MSKSSRV)
DRV - File not found [Kernel | Boot] --  -- (msisadrv)
DRV - File not found [File_System | System] --  -- (Msfs)
DRV - File not found [Kernel | Boot] --  -- (msahci)
DRV - File not found [File_System | On_Demand] --  -- (mrxsmb20)
DRV - File not found [File_System | On_Demand] --  -- (mrxsmb10)
DRV - File not found [File_System | On_Demand] --  -- (mrxsmb)
DRV - File not found [File_System | On_Demand] --  -- (MRxDAV)
DRV - File not found [Kernel | On_Demand] --  -- (mpsdrv)
DRV - File not found [Kernel | Boot] --  -- (MountMgr)
DRV - File not found [Kernel | On_Demand] --  -- (mouhid)
DRV - File not found [Kernel | System] --  -- (mouclass)
DRV - File not found [Kernel | On_Demand] --  -- (monitor)
DRV - File not found [Kernel | On_Demand] --  -- (Modem)
DRV - File not found [File_System | Auto] --  -- (luafv)
DRV - File not found [Kernel | Auto] --  -- (lltdio)
DRV - File not found [Kernel | Auto] --  -- (lirsgt)
DRV - File not found [Kernel | Boot] --  -- (KSecDD)
DRV - File not found [Kernel | System] --  -- (kbdhid)
DRV - File not found [Kernel | System] --  -- (kbdclass)
DRV - File not found [Kernel | On_Demand] --  -- (iScsiPrt)
DRV - File not found [Kernel | On_Demand] --  -- (IRENUM)
DRV - File not found [Kernel | On_Demand] --  -- (IPNAT)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - File not found [Kernel | On_Demand] --  -- (IpFilterDriver)
DRV - File not found [Kernel | On_Demand] --  -- (intelppm)
DRV - File not found [Kernel | System] --  -- (i8042prt)
DRV - File not found [Kernel | On_Demand] --  -- (HTTP)
DRV - File not found [Kernel | On_Demand] --  -- (HidUsb)
DRV - File not found [Kernel | On_Demand] --  -- (HDAudBus)
DRV - File not found [Kernel | On_Demand] --  -- (HdAudAddService)
DRV - File not found [Kernel | On_Demand] --  -- (gagp30kx)
DRV - File not found [Recognizer | System] --  -- (Fs_Rec)
DRV - File not found [File_System | Boot] --  -- (FltMgr)
DRV - File not found [File_System | On_Demand] --  -- (Filetrace)
DRV - File not found [File_System | Boot] --  -- (FileInfo)
DRV - File not found [File_System | On_Demand] --  -- (fastfat)
DRV - File not found [File_System | On_Demand] --  -- (exfat)
DRV - File not found [Kernel | Boot] --  -- (Ecache)
DRV - File not found [Kernel | On_Demand] --  -- (E1G60) Intel(R)
DRV - File not found [Kernel | On_Demand] --  -- (DXGKrnl)
DRV - File not found [Kernel | On_Demand] --  -- (drmkaud)
DRV - File not found [Kernel | Boot] --  -- (disk)
DRV - File not found [File_System | System] --  -- (DfsC)
DRV - File not found [Kernel | Boot] --  -- (crcdisk)
DRV - File not found [Kernel | Boot] --  -- (Compbatt)
DRV - File not found [Kernel | On_Demand] --  -- (cmnsusbser)
DRV - File not found [Kernel | On_Demand] --  -- (CmBatt)
DRV - File not found [Kernel | Boot] --  -- (CLFS) Common Log (CLFS)
DRV - File not found [Kernel | System] --  -- (cdrom)
DRV - File not found [Kernel | On_Demand] --  -- (BrUsbSer)
DRV - File not found [Kernel | On_Demand] --  -- (BrFiltUp)
DRV - File not found [Kernel | On_Demand] --  -- (BrFiltLo)
DRV - File not found [File_System | On_Demand] --  -- (bowser)
DRV - File not found [Kernel | System] --  -- (Beep)
DRV - File not found [Kernel | System] --  -- (avkmgr)
DRV - File not found [Kernel | System] --  -- (avipbb)
DRV - File not found [Kernel | Auto] --  -- (atksgt)
DRV - File not found [Kernel | Boot] --  -- (atapi)
DRV - File not found [Kernel | On_Demand] --  -- (AsyncMac)
DRV - File not found [Kernel | On_Demand] --  -- (amdagp)
DRV - File not found [Kernel | On_Demand] --  -- (agp440)
DRV - File not found [Kernel | System] --  -- (AFD)
DRV - File not found [Kernel | Boot] --  -- (ACPI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Gast_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} -  File not found
IE - HKU\Gast_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} -  File not found
 
IE - HKU\Mel_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = SPIEGEL ONLINE - Nachrichten
IE - HKU\Mel_ON_D\Software\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\Mel_ON_D\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Mel_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} -  File not found
IE - HKU\Mel_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Mel_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\NetworkService_ON_D\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} -  File not found
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
 
Hosts file not found
O2 - BHO: (flvdome) - {18b882fe-56fa-0f27-68f5-0f7df0f34f38} -  File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -  File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} -  File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} -  File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  File not found
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} -  File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} -  File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -  File not found
O3 - HKU\Mel_ON_D\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM]  File not found
O4 - HKLM..\Run: [avgnt]  File not found
O4 - HKLM..\Run: [DivXUpdate]  File not found
O4 - HKLM..\Run: [HP Software Update]  File not found
O4 - HKLM..\Run: [NeroCheck]  File not found
O4 - HKLM..\Run: [NvCplDaemon]  File not found
O4 - HKLM..\Run: [NvMediaCenter]  File not found
O4 - HKLM..\Run: [QuickTime Task]  File not found
O4 - HKLM..\Run: [starter4g]  File not found
O4 - HKLM..\Run: [SunJavaUpdateSched]  File not found
O4 - HKLM..\Run: [SynTPEnh]  File not found
O4 - HKLM..\Run: [Windows Mobile-based device management] D:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\Gast_ON_D..\Run: [Sidebar]  File not found
O4 - HKU\LocalService_ON_D..\Run: [Sidebar]  File not found
O4 - HKU\LocalService_ON_D..\Run: [WindowsWelcomeCenter]  File not found
O4 - HKU\Mel_ON_D..\Run: [DAEMON Tools Lite]  File not found
O4 - HKU\Mel_ON_D..\Run: [EmbMachineComms.exe]  File not found
O4 - HKU\Mel_ON_D..\Run: [HP Officejet Pro 8600 (NET)]  File not found
O4 - HKU\Mel_ON_D..\Run: [icq]  File not found
O4 - HKU\Mel_ON_D..\Run: [Sidebar]  File not found
O4 - HKU\Mel_ON_D..\Run: [SpybotSD TeaTimer]  File not found
O4 - HKU\Mel_ON_D..\Run: [WMPNSCFG]  File not found
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar]  File not found
O4 - HKU\NetworkService_ON_D..\Run: [WindowsWelcomeCenter]  File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} -  File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} -  File not found
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -  File not found
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -  File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 -  File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} -  File not found
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} -  File not found
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} -  File not found
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} -  File not found
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -  File not found
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} -  File not found
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} -  File not found
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} -  File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} -  File not found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} -  File not found
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} -  File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  File not found
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} -  File not found
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -  File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  File not found
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} -  File not found
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} -  File not found
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -  File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -  File not found
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -  File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -  File not found
O20 - HKU\Mel_ON_D Winlogon: Shell - (explorer.exe) -  File not found
O20 - HKU\Mel_ON_D Winlogon: Shell - (C:\Users\Mel\AppData\Roaming\skype.dat) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  File not found
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon -  File not found
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O29 - HKLM SecurityProviders - (credssp.dll) -  File not found
O30 - LSA: Authentication Packages - (msv1_0) -  File not found
O30 - LSA: Security Packages - (kerberos) -  File not found
O30 - LSA: Security Packages - (msv1_0) -  File not found
O30 - LSA: Security Packages - (schannel) -  File not found
O30 - LSA: Security Packages - (wdigest) -  File not found
O30 - LSA: Security Packages - (tspkg) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
 
========== Files - Modified Within 30 Days ==========
 
 
========== Files Created - No Company Name ==========
 
 
========== LOP Check ==========
 
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---


Inhalt Extras.txt

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 1/31/2013 10:26:39 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.09 Gb Total Space | 83.74 Gb Free Space | 58.11% Space Free | Partition Type: NTFS
Drive D: | 144.00 Gb Total Space | 29.88 Gb Free Space | 20.75% Space Free | Partition Type: NTFS
Drive E: | 29.81 Gb Total Space | 29.81 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- %SystemRoot%\System32\control.exe "%1",%*
.hlp [@ = hlpfile] -- %SystemRoot%\winhlp32.exe %1
.hta [@ = htafile] -- C:\Windows\system32\mshta.exe "%1" %*
.html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
.inf [@ = inffile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.ini [@ = inifile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.reg [@ = regfile] -- regedit.exe "%1"
.txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.vbe [@ = VBEFile] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
.vbs [@ = VBSFile] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
.wsf [@ = WSFFile] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
.wsh [@ = WSHFile] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1"
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1"
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1"
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1"
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %*
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V"
Directory [find] -- %SystemRoot%\Explorer.exe
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L
Drive [find] -- %SystemRoot%\Explorer.exe
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe"
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A138994-04B3-4AE2-AB89-74B818AFB1B3}" = Samsung PC Studio 3
"{1D619FC4-4F88-406C-9E78-B948BFC998FA}" = AtlantisQuest
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2C26B97F-698E-4E04-B398-8203B147859B}_is1" = TOPP Vorlagen-Druckstudio (5156)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7730D510-6DE2-4CD4-8F58-0B04680AEFE6}" = Mysteryville 2
"{7DEC2F16-99AF-4DF2-9468-AC3D20CA7CC4}" = Revolution Dreamcard Player
"{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8DD32D05-002D-4771-94F4-5E91377A402C}" = 5D Embroidery Machine Communication
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{915431C1-6023-4330-A111-5B7A5521E9D7}_is1" = TOPP Vorlagen-Druckstudio (5641)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95DE5A0D-DA93-40B2-BD6E-F0F8698BA2D7}" = 5D 32-bit VSM Device Drivers 8.2
"{98D64F70-1BE2-4E06-A58E-50FF642B3F24}" = HP Officejet Pro 8600 - Grundlegende Software für das Gerät
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AA179F5-EAE2-4997-B03E-989068643DBF}" = Brickshooter Egypt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A33598C4-1357-4A71-B322-BE6F1DFBBF5A}" = MagicMaps Tour Explorer Deutschland Demo
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}" = HP Officejet Pro 8600 Hilfe
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF26A5F6-6760-495B-AE45-E7B37A3836A1}" = passt
"1t_xZGA-j__N" = LoudMo Contextual Ad Assistant
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"Audiograbber" = Audiograbber 1.83 SE 
"Avira AntiVir Desktop" = Avira Free Antivirus
"Broken Sword 2.5_is1" = Broken Sword 2.5
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner
"CellFiver_is1" = CellFiver
"Clever" = Clever
"Der Stein der Weisen" = Der Stein der Weisen
"DivX Setup" = DivX-Setup
"Free FLV Converter_is1" = Free FLV Converter V 6.7.4
"Luxor 2_is1" = Luxor 2 en
"Luxor 3" = Luxor 3
"MagicJewels" = MagicJewels (remove only)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PhotoStitch" = Canon Utilities PhotoStitch
"PirateVille" = PirateVille
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TheLastRipper" = TheLastRipper 1.4
"Treasures Of Mystery Island" = Treasures Of Mystery Island
"Um die Welt in 80 Tagen_is1" = Um die Welt in 80 Tagen 1.0
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp
"XSManager" = XSManager
"YTdetect" = Yahoo! Detect
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Mel_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ActiveTouchMeetingClient" = Cisco WebEx Meetings
"ICQ" = ICQ 8.0 (build 5981, für aktuellen Benutzer)
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
< End of report >
--- --- ---
__________________
Alt 01.02.2013, 00:32   #4
t'john
/// Helfer-Team
 
Hitman durch Samsung Recovery gestoppt? - Standard

Hitman durch Samsung Recovery gestoppt?


Fixen mit OTLpe
  • Starte den unbootbaren Computer erneut mit der OTLPE-CD,
  • warte bis der Reatogo-X-Pe-Desktop erscheint und doppelklicke das OTLPE-Icon.

  • Kopiere folgendes Skript in das Textfeld unterhalb von Custom Scans/Fixes:
  • Sollte das mangels Internet-Verbindung nicht möglich sein,
  • kopiere den Text aus der folgenden Code-Box und speichere ihn als Fix.txt auf einen USB-Stick.
  • Schließe den USB-Stick an den Computer an und öffne Fix.txt mit dem Explorer auf dem Reatogo-Desktop.
  • Kopiere den Inhalt von Fix.txt in das Textfeld unterhalb von Custom Scans/Fixes:

Code:
ATTFilter
:OTL

O4 - HKLM..\Run: [Adobe ARM] File not found 
O20 - HKU\Mel_ON_D Winlogon: Shell - (C:\Users\Mel\AppData\Roaming\skype.dat) - File not found 

:Files 

ipconfig /flushdns /c
:Commands
[emptytemp]
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • Kopiere den Inhalt hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\OTLpe\MovedFiles\<datum_nummer.log>
  • Teste, ob den Computer nun wieder in den normalen Windows-Modus booten kannst und berichte.
__________________
Mfg, t'john
Das TB unterstützen

Alt 02.02.2013, 00:46   #5
Ksiem
 
Hitman durch Samsung Recovery gestoppt? - Standard

Hitman durch Samsung Recovery gestoppt?


Danke mal wieder:
Habe dein Script wie gefordert eingefügt und verwendet
OT starten - dann Windowsverzeichnis auswählen und incl. Remoteusers bestätigen.
Script eingefügt- start fix- log file kopiert Rechner runtergefahren und neu ohne BooCD gestartet.

Nun erscheint ein Fenster erst von Windows, dass Windows nicht normal starten kann und ich nun die Starthilfe verwenden kann.
Nach auswahl Starthilfe läd es etwas hin und her, dann erscheint ein Samsung Logo, und eine Info man solle nun die Samsung Starthilfewiederherstellung starten- bestätigt man dies, dann erscheint folgendes:
"Windows cannot repair this computer automatically"
wenn ich vor kurzem ein device am computer isntalliert hätte wie camera oder portablen musikspieler solle ich sie entfernen und den Rechner neu starten, wenn ich weiterhin diesen Screen sehen würde solle ich den Administrator kontaktieren oder die Samsung Recovery Solution III starten.
nun kann ich zwischen finnisch und shut down wählen:
kann auch noch diagnostic and repair details einsehen bzw advanced options for system recovery
tja.. hier die Log von Otl

:
Zitat:
========== OTL ===========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.
Error: Either could not set Winlogon\\Shell value or Explorer.exe is missing!
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
An internal error occurred: The system cannot find the file specified.

Please contact Microsoft Product Support Services for further help.
Additional information: Unable to open registry key for tcpip.
C:\cmd.bat deleted successfully.
C:\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes

Total Files Cleaned = 0.00 mb


OTLPE by OldTimer - Version 3.1.48.0 log created on 02022013_001127

und hier die "diagnostic and repair details" erschienen nach einem Ladebalken von Windows und der frage ob man die Starthilfe möchte (wie kann ich hier ein Video anhängen weil sich kein Log kopieren lässt)

die Anwendung teilt einem mit Windows hätte nicht repariert werden können.
Dann bei finnish läd Windows wieder- es kommt zur Benutzerabfrage, man kann schon seinen Desktophintergrund sehen- kommt dann aber auf einen white Screen.
Mauszeiger mittig vorhanden.

Nochmal neu gestartet- man kommt wieder auf den White Screen


Alt 02.02.2013, 12:06   #6
t'john
/// Helfer-Team
 
Hitman durch Samsung Recovery gestoppt? - Standard

Hitman durch Samsung Recovery gestoppt?


Ich habe wenig Erfarung mit der Besonderheit der Samsung Laptops, aber das was ich bis jetzt gelesen habe schlage ich dir vor:

den Laptop mit einer Ubuntu-Live CD zu starten und alle Daten zu sichern und danach Neuaufsetzen des Systems.

Alles andere waere Frickelei, weil unklar ist, was HitmanPro geloescht hat.

Zitat:
1. Datenrettung:
__________________
--> Hitman durch Samsung Recovery gestoppt?

Alt 30.03.2013, 08:44   #7
t'john
/// Helfer-Team
 
Hitman durch Samsung Recovery gestoppt? - Standard

Hitman durch Samsung Recovery gestoppt?


Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html


Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.
__________________
Mfg, t'john
Das TB unterstützen

Antwort

Themen zu Hitman durch Samsung Recovery gestoppt?
angemeldet, applaus, ausgeschaltet, backups, bekannte, black, folge, folgendes, funkt, hinweise, hitman, laptop, neue, neue version, problem, recht, recovery, samsung, samsung recovery solution iii, sofort, sperrt, systemstart, version, zusammen


« Im Firefox werden einige Seiten umgeleitet auf adf.ly | 1.Trojan.Gen.2 in C:\windows 2. Remote-System versucht Zugriff »


Ähnliche Themen: Hitman durch Samsung Recovery gestoppt?


  1. Partition nach Samsung Recovery Solution gelöscht
    Alles rund um Windows - 08.10.2015 (18)
  2. Hack gegen Looppay: Samsung betont Sicherheit von Samsung Pay
    Nachrichten - 08.10.2015 (0)
  3. Probleme mit Hitman.Pro.Alert
    Antiviren-, Firewall- und andere Schutzprogramme - 21.09.2015 (8)
  4. Hitman oder Spyhunter4
    Antiviren-, Firewall- und andere Schutzprogramme - 07.08.2015 (14)
  5. Hitman Pro Kickstart funktioniert unter win 7 als auch win 8 nicht
    Antiviren-, Firewall- und andere Schutzprogramme - 17.03.2015 (5)
  6. GVU-Trojaner: Systemwiederherstellung, Unlocker und Hitman funktionieren nicht
    Log-Analyse und Auswertung - 16.11.2014 (17)
  7. zeroaccess durch recovery cd beseitigen?
    Log-Analyse und Auswertung - 06.01.2014 (11)
  8. TR/Crypt.EPACK.Gen2 in Samsung Recovery Solution
    Log-Analyse und Auswertung - 14.10.2013 (7)
  9. Problem mit dem Internet nach Samsung PC-Recovery..
    Netzwerk und Hardware - 29.01.2012 (1)
  10. BOO/TDss.M im Masterbootsektor gefunden.(Antivir) Auch nach Systemrücksetzung mit Samsung Recovery
    Plagegeister aller Art und deren Bekämpfung - 03.11.2011 (36)
  11. Trojan Remover und Hitman Pro?
    Antiviren-, Firewall- und andere Schutzprogramme - 10.09.2011 (5)
  12. Windows XP Recovery - SurfBy-Infektion durch www.valait.ch
    Log-Analyse und Auswertung - 03.06.2011 (0)
  13. Leerer Desktop nach Entfernung von Windows Recovery durch Malewarebytes
    Log-Analyse und Auswertung - 01.05.2011 (7)
  14. Nach Virenbefall durch Microsoft Recovery kein Zugriff mehr auf C Platte.
    Plagegeister aller Art und deren Bekämpfung - 23.03.2011 (1)
  15. Samsung R519 "Recovery Solution 4 geht nicht"
    Alles rund um Windows - 05.09.2010 (1)
  16. Trojaner löschen mit Samsung Recovery
    Plagegeister aller Art und deren Bekämpfung - 19.10.2009 (2)
  17. Hitman Pro
    Antiviren-, Firewall- und andere Schutzprogramme - 07.02.2006 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Hitman durch Samsung Recovery gestoppt? - Guten Tag zusammen, Ich habe folgendes Problem: Auf dem Laptop meiner Freundin tauchte vorgestern das bekannte Fenster auf sie hätte pornographische Inhalte heruntergeladen und könnte gegen Gebühr entsperrt werden. Sie - Hitman durch Samsung Recovery gestoppt?...
Archiv
Du betrachtest: Hitman durch Samsung Recovery gestoppt? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131