Trojaner-Board

Windows Media Player opens now and then and can no longer be closed! (https://www.trojaner-board.de/94404-windows-media-player-oeffnet-ab-nichtmehr-schliessbar.html)

Osswald 06.01.2011 21:12

Hm, I've read through the tutorial and will run Combofix now.
A new post will follow as soon as the program has finished :)

Osswald 06.01.2011 21:26

One more question (I'm in the middle of running the program [atm: completed Stufe_32]).
I forgot to rename it, and I think that when I started it, it was still called combofix.exe, i.e. not renamed. Is that bad?? oO
Dictionary lands a critical hit on Osswald (I'm writing this from my iPod right now, handy).

Osswald 06.01.2011 21:45

Hm, so I think that wasn't so bad after all, because it has finished.

Here is the result (I deliberately did not censor the names of my folders, as that would be too much work for me):

Combofix Logfile:
Code:

ComboFix 11-01-06.02 - Niklas 06.01.2011  21:18:13.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.49.1031.18.3069.2127 [GMT 1:00]
ausgeführt von:: c:\users\Niklas\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\-1841877980
C:\readme.txt
c:\users\Niklas\AppData\Local\wkqey.dat
c:\users\Niklas\AppData\Local\wkqey_nav.dat
c:\users\Niklas\AppData\Local\wkqey_navps.dat
c:\users\Niklas\AppData\Roaming\Microsoft\Windows\Recent\ZSNES.url
c:\users\Niklas\AppData\Roaming\Microsoft\Windows\Recent\ZSNES2.url
c:\users\Public\System
c:\users\Public\System\binkw32.dll
c:\users\Public\System\pb\dll\wa001403.dll
c:\users\Public\System\pb\dll\wa001404.dll
c:\users\Public\System\pb\dll\wc002085.dll
c:\users\Public\System\pb\dll\wc002086.dll
c:\users\Public\System\pb\dll\wc002123.dll
c:\users\Public\System\pbsign
c:\windows\system32\4286231.dll
c:\windows\Tasks\tobwvzsk.job

.
(((((((((((((((((((((((  Dateien erstellt von 2010-12-06 bis 2011-01-06  ))))))))))))))))))))))))))))))
.

2011-01-06 00:48 . 2010-11-10 04:33        6273872        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F97F78D9-B210-44EC-92C9-0353A4EE41A7}\mpengine.dll
2011-01-03 14:17 . 2010-12-20 17:09        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-03 14:17 . 2010-12-20 17:08        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-01-03 14:17 . 2011-01-03 14:17        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2011-01-02 17:09 . 2011-01-02 17:23        --------        d-----w-        c:\program files\Wise Registry Cleaner
2011-01-02 16:15 . 2011-01-02 20:34        --------        d-----w-        C:\fcb3ea4ea8dd9f44a55ed16fbb
2010-12-28 00:35 . 2011-01-06 16:20        --------        d-----w-        c:\users\Public\World of Warcraft
2010-12-26 03:46 . 2010-12-26 03:46        --------        d-----w-        c:\program files\Rockstar Games
2010-12-26 03:16 . 2010-12-26 03:16        --------        d-----w-        c:\programdata\Razer
2010-12-26 03:14 . 2007-09-27 18:44        65536        ----a-w-        c:\windows\system32\Lycosa.cpl
2010-12-26 03:14 . 2010-12-26 03:14        --------        d-----w-        c:\program files\Razer
2010-12-26 03:14 . 2008-01-18 13:43        16128        ----a-w-        c:\windows\system32\drivers\Lycosa.sys
2010-12-26 03:14 . 2010-12-26 03:14        --------        d-----w-        c:\users\Niklas\AppData\Roaming\InstallShield
2010-12-23 09:03 . 2010-12-23 09:03        --------        d-----w-        c:\program files\iPod
2010-12-16 10:45 . 2010-10-12 13:41        66048        ----a-w-        c:\program files\Windows Mail\wabmig.exe
2010-12-16 10:45 . 2010-10-12 13:41        515584        ----a-w-        c:\program files\Windows Mail\wab.exe
2010-12-16 10:45 . 2010-10-12 15:53        33280        ----a-w-        c:\program files\Windows Mail\wabfind.dll
2010-12-16 10:45 . 2010-10-18 13:31        2038272        ----a-w-        c:\windows\system32\win32k.sys
2010-12-16 10:45 . 2010-11-04 18:55        352768        ----a-w-        c:\windows\system32\taskschd.dll
2010-12-16 10:45 . 2010-11-04 18:55        601600        ----a-w-        c:\windows\system32\schedsvc.dll
2010-12-16 10:45 . 2010-11-04 18:56        345600        ----a-w-        c:\windows\system32\wmicmiplugin.dll
2010-12-16 10:45 . 2010-11-04 16:34        171520        ----a-w-        c:\windows\system32\taskeng.exe
2010-12-16 10:45 . 2010-11-04 18:55        270336        ----a-w-        c:\windows\system32\taskcomp.dll
2010-12-16 10:43 . 2010-10-28 13:20        2048        ----a-w-        c:\windows\system32\tzres.dll
2010-12-16 10:43 . 2010-11-03 10:51        2409784        ----a-w-        c:\program files\Windows Mail\OESpamFilter.dat

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 16:38 . 2010-11-29 16:38        94208        ----a-w-        c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38        69632        ----a-w-        c:\windows\system32\QuickTime.qts
2010-11-23 12:49 . 2010-11-23 12:50        472808        ----a-w-        c:\windows\system32\deployJava1.dll
2010-11-10 04:33 . 2010-01-11 13:17        6273872        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-10-19 20:51 . 2009-10-03 11:59        222080        ------w-        c:\windows\system32\MpSigStub.exe
2009-06-14 08:25 . 2009-06-14 08:20        7349744        ----a-w-        c:\program files\FLV PlayerATBSetup.exe
2010-07-08 14:24 . 2010-01-04 18:17        119808        ----a-w-        c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]
"{9d81af43-de53-48d0-a199-42c2a226b24c}"= "c:\program files\Softonic_Deutsch_FF\tbSoft.dll" [2009-07-15 2224152]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_CLASSES_ROOT\clsid\{9d81af43-de53-48d0-a199-42c2a226b24c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-02-11 12:40        365960        ----a-w-        c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9d81af43-de53-48d0-a199-42c2a226b24c}]
2009-07-15 08:09        2224152        ----a-w-        c:\program files\Softonic_Deutsch_FF\tbSoft.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15        1345336        ----a-w-        c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-02-11 365960]
"{9d81af43-de53-48d0-a199-42c2a226b24c}"= "c:\program files\Softonic_Deutsch_FF\tbSoft.dll" [2009-07-15 2224152]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{9d81af43-de53-48d0-a199-42c2a226b24c}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-02-11 365960]
"{9D81AF43-DE53-48D0-A199-42C2A226B24C}"= "c:\program files\Softonic_Deutsch_FF\tbSoft.dll" [2009-07-15 2224152]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{9d81af43-de53-48d0-a199-42c2a226b24c}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-03 39408]
"ClipIncSrvTray"="c:\program files\Tobit ClipInc\Player\ClipIncTray.exe" [2009-03-16 668424]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2009-03-25 1840424]
"BitTorrent DNA"="c:\users\Niklas\Program Files\DNA\btdna.exe" [2009-12-15 323392]
"Google Update"="c:\users\Niklas\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-02-26 135664]
"Steam"="c:\program files\Steam\steam.exe" [2010-11-17 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-07 6139904]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-08 30192]
"toolbar_eula_launcher"="c:\program files\GoogleEULA\EULALauncher.exe" [2007-02-09 16896]
"PRISMSVR.EXE"="c:\program files\Siemens\Gigaset USB Adapter 54\PRISMSVR.EXE" [2004-07-02 295001]
"VMonitorVMUVC"="c:\program files\Vimicro\VMUVC\VMonitor.exe" [2008-03-26 135168]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Ask and Record FLV Service"="c:\program files\Ask & Record Toolbar\FLVSrvc.exe" [2009-03-10 156672]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-21 47904]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-12-02 2221352]
"ACQTMOUSE"="c:\program files\Tech\Tilt Mouse Software\5.0\ACQTMAPP.exe" [2009-09-08 514560]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"Lycosa"="c:\program files\Razer\Lycosa\razerhid.exe" [2007-11-20 147456]

c:\users\Niklas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Gigaset WLAN Adapter Monitor.lnk - c:\program files\Siemens\Gigaset USB Adapter 54\GigasetUSBMonitor.exe [2005-2-16 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-27 136176]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-08 30192]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2010-07-01 34896]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-06-11 108289]
S2 ClipInc001;ClipInc 001;c:\program files\Tobit ClipInc\Server\ClipInc-Server.exe 001 [x]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
S3 LycoFltr;Lycosa Keyboard;c:\windows\system32\Drivers\Lycosa.sys [2008-01-18 16128]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
S3 SE4501D;Gigaset USB Adapter 54 Driver;c:\windows\system32\DRIVERS\SE4501D.sys [2005-01-25 352032]
S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys [2008-06-16 250240]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2008-06-16 476160]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
Inhalt des "geplante Tasks" Ordners

2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-11 16:01]

2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-11 16:01]

2010-10-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3704707052-2540689425-1032157838-1002Core1cb6f17cba94470.job
- c:\users\Niklas\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-26 15:44]

2011-01-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3704707052-2540689425-1032157838-1002UA.job
- c:\users\Niklas\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-26 15:44]

2010-11-29 c:\windows\Tasks\SLOW-PCfighter-Niklas-Startup.job
- c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2010-10-05 15:04]

2011-01-06 c:\windows\Tasks\User_Feed_Synchronization-{A58B91F8-99FB-4CC3-899E-68375FA52BEC}.job
- c:\windows\system32\msfeedssync.exe [2010-12-16 04:25]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Free YouTube Download - c:\users\Niklas\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Niklas\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites
FF - ProfilePath - c:\users\Niklas\AppData\Roaming\Mozilla\Firefox\Profiles\t7sux7cw.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: SweetIM Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Softonic Deutsch FF Toolbar: {9d81af43-de53-48d0-a199-42c2a226b24c} - %profile%\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-01-06 21:32
Windows 6.0.6002 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1b,a8,30,ff,b6,4d,fa,4d,a3,ff,ff,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1b,a8,30,ff,b6,4d,fa,4d,a3,ff,ff,\

[HKEY_USERS\S-1-5-21-3704707052-2540689425-1032157838-1002\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:95,77,3d,b6,bd,32,1e,e8,c4,04,6f,b2,d9,51,6e,f9,2a,b1,be,bb,e6,33,c9,
  c8,cf,e8,d2,02,2b,2f,3c,ac,7f,8e,26,ba,27,f8,b2,7d,2c,bd,73,8a,ef,e5,ca,16,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49

[HKEY_USERS\S-1-5-21-3704707052-2540689425-1032157838-1002\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:ba,9c,1e,93,9a,ee,6b,27,89,23,26,de,4d,98,91,ac,fa,1a,e7,10,1b,
  2a,56,50,0f,27,5f,ed,5a,a3,75,80,f9,a9,cc,c1,74,db,05,14,4b,28,44,62,be,5a,\
"rkeysecu"=hex:ff,1e,f9,74,d3,75,c3,e8,36,49,8d,f5,11,f3,20,cc
.
Zeit der Fertigstellung: 2011-01-06  21:36:54
ComboFix-quarantined-files.txt  2011-01-06 20:36

Vor Suchlauf: 12 Verzeichnis(se), 362.405.203.968 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 368.634.400.768 Bytes frei

- - End Of File - - D37B34D98FAC8655FB95DB6339222529

--- --- ---

cosinus 06.01.2011 22:14

Ok. Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often. If the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip the online query in OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.


After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool only needs a few seconds.
  • Afterwards you should find an MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document.

Osswald 06.01.2011 22:45

Ok, here is the GMER log to start with:

GMER 1.0.15.15530 - GMER - Rootkit Detector and Remover
Rootkit quick scan 2011-01-06 22:42:23
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD64 rev.05.0
Running: nzmkvcw3.exe; Driver: C:\Users\Niklas\AppData\Local\Temp\uxldqpod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

(OSAM and MBRCheck to follow)

Osswald 06.01.2011 23:01

Here is the OSAM scan:
OSAM Logfile:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
Online Solutions. Complex Protection for Information Systems
Saved at 22:56:37 on 06.01.2011

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Google Inc. Google Chrome 0.0.0.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-3704707052-2540689425-1032157838-1002Core1cb6f17cba94470.job" - "Google Inc." - C:\Users\Niklas\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-3704707052-2540689425-1032157838-1002UA.job" - "Google Inc." - C:\Users\Niklas\AppData\Local\Google\Update\GoogleUpdate.exe
"SLOW-PCfighter-Niklas-Startup.job" - "SPAMfighter ApS" - C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"ddbaccpl.cpl" - "DataDesign AG" - C:\Windows\system32\ddbaccpl.cpl
"ddbacctm.cpl" - "DataDesign AG" - C:\Windows\system32\ddbacctm.cpl
"Lycosa.cpl" - "Razer Inc." - C:\Windows\system32\Lycosa.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AEGIS Protocol (IEEE 802.1x) v2.3.1.9" (MDC8021X) - "Meetinghouse Data Communications" - C:\Windows\System32\DRIVERS\mdc8021x.sys
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"Bluetooth HID Bus Service" (BtHidBus) - ? - C:\Windows\System32\Drivers\BtHidBus.sys  (File not found)
"Bluetooth PAN Bus Service" (btnetBUs) - ? - C:\Windows\System32\Drivers\btnetBus.sys  (File signed by Microsoft | File found, but it contains no detailed information)
"Bluetooth PAN Network Adapter" (BT) - ? - C:\Windows\System32\DRIVERS\btnetdrv.sys  (File not found)
"Bluetooth VComm Manager Service" (VcommMgr) - ? - C:\Windows\System32\Drivers\VcommMgr.sys  (File not found)
"catchme" (catchme) - ? - C:\Users\Niklas\AppData\Local\Temp\catchme.sys  (File not found)
"EagleNT" (EagleNT) - ? - C:\Windows\system32\drivers\EagleNT.sys  (File not found)
"Gigaset USB Adapter 54 Driver" (SE4501D) - "Siemens AG" - C:\Windows\System32\DRIVERS\SE4501D.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"IVT Bluetooth Bus Service" (IvtBtBUs) - ? - C:\Windows\System32\Drivers\IvtBtBus.sys  (File not found)
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"PPdus ASPI Shell" (Afc) - "Arcsoft, Inc." - C:\Windows\System32\drivers\Afc.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"Virtual Serial port driver" (VComm) - ? - C:\Windows\System32\DRIVERS\VComm.sys  (File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"eBay - Der weltweite Online-Marktplatz" - ? - eBay - eine der größten deutschen Shopping-Websites  (HTTP value)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "Ask Toolbar" - "Ask.com" - C:\Program Files\AskBarDis\bar\bin\askBar.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
<binary data> "Softonic Deutsch FF Toolbar" - "Conduit Ltd." - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll
<binary data> "SweetIM Toolbar for Internet Explorer" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
{9d81af43-de53-48d0-a199-42c2a226b24c} "Softonic Deutsch FF Toolbar" - "Conduit Ltd." - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll
{EEE6C35D-6118-11DC-9C72-001320C79847} "SweetIM ToolbarURLSearchHook Class" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
 "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_22.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
{D0C0F75C-683A-4390-A791-1ACFD5599AB8} "Oberon Flash Game Host" - "Oberon Media, Inc." - C:\Windows\Downloaded Program Files\OberonGameHost.dll / hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
{233C1507-6A77-46A4-9443-F871F945D258} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\Windows\system32\Adobe\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
{1E54D648-B804-468d-BC78-4AFFED8E262F} "System Requirements Lab Class" - "Husdawg, LLC" - C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll / hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\Windows\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -  (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
"eBay - Der weltweite Online-Marktplatz" - ? - eBay - eine der größten deutschen Shopping-Websites  (HTTP value)
"ICQ7.2" - "ICQ, LLC." - C:\Program Files\ICQ7.2\ICQ.exe
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "Ask Toolbar" - "Ask.com" - C:\Program Files\AskBarDis\bar\bin\askBar.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
{9d81af43-de53-48d0-a199-42c2a226b24c} "Softonic Deutsch FF Toolbar" - "Conduit Ltd." - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll
<binary data> "SweetIM Toolbar for Internet Explorer" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{201f27d4-3704-41d6-89c1-aa35e39143ed} "AskBar BHO" - "Ask.com" - C:\Program Files\AskBarDis\bar\bin\askBar.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
{9d81af43-de53-48d0-a199-42c2a226b24c} "Softonic Deutsch FF Toolbar" - "Conduit Ltd." - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll
{EEE6C35C-6118-11DC-9C72-001320C79847} "SweetIM Toolbar Helper" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -  (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Users\Niklas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Gigaset WLAN Adapter Monitor.lnk" - ? - C:\Program Files\Siemens\Gigaset USB Adapter 54\GigasetUSBMonitor.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"BitTorrent DNA" - "BitTorrent, Inc." - "C:\Users\Niklas\Program Files\DNA\btdna.exe"
"ClipIncSrvTray" - "Tobit.Software" - "C:\Program Files\Tobit ClipInc\Player\ClipIncTray.exe"
"Google Update" - "Google Inc." - "C:\Users\Niklas\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"Steam" - "Valve Corporation" - "C:\Program Files\Steam\steam.exe" -silent
"swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"ACQTMOUSE" - ? - "C:\Program Files\Tech\Tilt Mouse Software\5.0\ACQTMAPP.exe"
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"Ask and Record FLV Service" - "Applian Technologies, Inc." - "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"IAAnotif" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"Lycosa" - "Razer USA Ltd." - "C:\Program Files\Razer\Lycosa\razerhid.exe"
"MSSE" - "Microsoft Corporation" - "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
"NBKeyScan" - "Nero AG" - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"PRISMSVR.EXE" - "Conexant Systems, Inc." - "C:\Program Files\Siemens\Gigaset USB Adapter 54\PRISMSVR.EXE" /APPLY
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"toolbar_eula_launcher" - " " - C:\Program Files\GoogleEULA\EULALauncher.exe
"VMonitorVMUVC" - "Vimicro Corporation" - "C:\Program Files\Vimicro\VMUVC\VMonitor.exe" VMUVC

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"ClipInc 001" (ClipInc001) - ? - C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"ICQ Service" (ICQ Service) - ? - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Nero BackItUp Scheduler 3" (Nero BackItUp Scheduler 3) - "Nero AG" - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PLFlash DeviceIoControl Service" (PLFlash DeviceIoControl Service) - "Prolific Technology Inc." - C:\Windows\system32\IoctlSvc.exe
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe  (File found, but it contains no detailed information)
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"TeamViewer 5" (TeamViewer5) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---
If You have questions or want to get some help, You can visit Online Solutions :: Index

Osswald 06.01.2011 23:02

Here is the OSAM scan:

OSAM Logfile:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
Online Solutions. Complex Protection for Information Systems
Saved at 22:56:37 on 06.01.2011

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Google Inc. Google Chrome 0.0.0.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-3704707052-2540689425-1032157838-1002Core1cb6f17cba94470.job" - "Google Inc." - C:\Users\Niklas\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-3704707052-2540689425-1032157838-1002UA.job" - "Google Inc." - C:\Users\Niklas\AppData\Local\Google\Update\GoogleUpdate.exe
"SLOW-PCfighter-Niklas-Startup.job" - "SPAMfighter ApS" - C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"ddbaccpl.cpl" - "DataDesign AG" - C:\Windows\system32\ddbaccpl.cpl
"ddbacctm.cpl" - "DataDesign AG" - C:\Windows\system32\ddbacctm.cpl
"Lycosa.cpl" - "Razer Inc." - C:\Windows\system32\Lycosa.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AEGIS Protocol (IEEE 802.1x) v2.3.1.9" (MDC8021X) - "Meetinghouse Data Communications" - C:\Windows\System32\DRIVERS\mdc8021x.sys
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"Bluetooth HID Bus Service" (BtHidBus) - ? - C:\Windows\System32\Drivers\BtHidBus.sys  (File not found)
"Bluetooth PAN Bus Service" (btnetBUs) - ? - C:\Windows\System32\Drivers\btnetBus.sys  (File signed by Microsoft | File found, but it contains no detailed information)
"Bluetooth PAN Network Adapter" (BT) - ? - C:\Windows\System32\DRIVERS\btnetdrv.sys  (File not found)
"Bluetooth VComm Manager Service" (VcommMgr) - ? - C:\Windows\System32\Drivers\VcommMgr.sys  (File not found)
"catchme" (catchme) - ? - C:\Users\Niklas\AppData\Local\Temp\catchme.sys  (File not found)
"EagleNT" (EagleNT) - ? - C:\Windows\system32\drivers\EagleNT.sys  (File not found)
"Gigaset USB Adapter 54 Driver" (SE4501D) - "Siemens AG" - C:\Windows\System32\DRIVERS\SE4501D.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"IVT Bluetooth Bus Service" (IvtBtBUs) - ? - C:\Windows\System32\Drivers\IvtBtBus.sys  (File not found)
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"PPdus ASPI Shell" (Afc) - "Arcsoft, Inc." - C:\Windows\System32\drivers\Afc.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"Virtual Serial port driver" (VComm) - ? - C:\Windows\System32\DRIVERS\VComm.sys  (File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"eBay - Der weltweite Online-Marktplatz" - ? - eBay - eine der größten deutschen Shopping-Websites  (HTTP value)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "Ask Toolbar" - "Ask.com" - C:\Program Files\AskBarDis\bar\bin\askBar.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
<binary data> "Softonic Deutsch FF Toolbar" - "Conduit Ltd." - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll
<binary data> "SweetIM Toolbar for Internet Explorer" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
{9d81af43-de53-48d0-a199-42c2a226b24c} "Softonic Deutsch FF Toolbar" - "Conduit Ltd." - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll
{EEE6C35D-6118-11DC-9C72-001320C79847} "SweetIM ToolbarURLSearchHook Class" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
 "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_22.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
{D0C0F75C-683A-4390-A791-1ACFD5599AB8} "Oberon Flash Game Host" - "Oberon Media, Inc." - C:\Windows\Downloaded Program Files\OberonGameHost.dll / hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
{233C1507-6A77-46A4-9443-F871F945D258} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\Windows\system32\Adobe\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
{1E54D648-B804-468d-BC78-4AFFED8E262F} "System Requirements Lab Class" - "Husdawg, LLC" - C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll / hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\Windows\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -  (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
"eBay - Der weltweite Online-Marktplatz" - ? - eBay - eine der größten deutschen Shopping-Websites  (HTTP value)
"ICQ7.2" - "ICQ, LLC." - C:\Program Files\ICQ7.2\ICQ.exe
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "Ask Toolbar" - "Ask.com" - C:\Program Files\AskBarDis\bar\bin\askBar.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
{9d81af43-de53-48d0-a199-42c2a226b24c} "Softonic Deutsch FF Toolbar" - "Conduit Ltd." - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll
<binary data> "SweetIM Toolbar for Internet Explorer" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{201f27d4-3704-41d6-89c1-aa35e39143ed} "AskBar BHO" - "Ask.com" - C:\Program Files\AskBarDis\bar\bin\askBar.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
{9d81af43-de53-48d0-a199-42c2a226b24c} "Softonic Deutsch FF Toolbar" - "Conduit Ltd." - C:\Program Files\Softonic_Deutsch_FF\tbSoft.dll
{EEE6C35C-6118-11DC-9C72-001320C79847} "SweetIM Toolbar Helper" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -  (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Users\Niklas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Gigaset WLAN Adapter Monitor.lnk" - ? - C:\Program Files\Siemens\Gigaset USB Adapter 54\GigasetUSBMonitor.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"BitTorrent DNA" - "BitTorrent, Inc." - "C:\Users\Niklas\Program Files\DNA\btdna.exe"
"ClipIncSrvTray" - "Tobit.Software" - "C:\Program Files\Tobit ClipInc\Player\ClipIncTray.exe"
"Google Update" - "Google Inc." - "C:\Users\Niklas\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"Steam" - "Valve Corporation" - "C:\Program Files\Steam\steam.exe" -silent
"swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"ACQTMOUSE" - ? - "C:\Program Files\Tech\Tilt Mouse Software\5.0\ACQTMAPP.exe"
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"Ask and Record FLV Service" - "Applian Technologies, Inc." - "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"IAAnotif" - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"Lycosa" - "Razer USA Ltd." - "C:\Program Files\Razer\Lycosa\razerhid.exe"
"MSSE" - "Microsoft Corporation" - "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
"NBKeyScan" - "Nero AG" - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"PRISMSVR.EXE" - "Conexant Systems, Inc." - "C:\Program Files\Siemens\Gigaset USB Adapter 54\PRISMSVR.EXE" /APPLY
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"toolbar_eula_launcher" - " " - C:\Program Files\GoogleEULA\EULALauncher.exe
"VMonitorVMUVC" - "Vimicro Corporation" - "C:\Program Files\Vimicro\VMUVC\VMonitor.exe" VMUVC

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"ClipInc 001" (ClipInc001) - ? - C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"ICQ Service" (ICQ Service) - ? - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Nero BackItUp Scheduler 3" (Nero BackItUp Scheduler 3) - "Nero AG" - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PLFlash DeviceIoControl Service" (PLFlash DeviceIoControl Service) - "Prolific Technology Inc." - C:\Windows\system32\IoctlSvc.exe
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe  (File found, but it contains no detailed information)
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"TeamViewer 5" (TeamViewer5) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit Online Solutions :: Index

Osswald 06.01.2011 23:10

And here is MBRCheck:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: MICRO-STAR INTERNATIONAL CO., LTD
BIOS Manufacturer: Phoenix Technologies, LTD
System Manufacturer: MEDIONPC
System Product Name: MS-7502
Logical Drives Mask: 0x000000fc

Kernel Drivers (total 148):
0x82C0B000 \SystemRoot\system32\ntkrnlpa.exe
0x82FC4000 \SystemRoot\system32\hal.dll
0x8040A000 \SystemRoot\system32\kdcom.dll
0x80411000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x80481000 \SystemRoot\system32\PSHED.dll
0x80492000 \SystemRoot\system32\BOOTVID.dll
0x8049A000 \SystemRoot\system32\CLFS.SYS
0x804DB000 \SystemRoot\system32\CI.dll
0x80604000 \SystemRoot\system32\drivers\Wdf01000.sys
0x80680000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8068D000 \SystemRoot\system32\drivers\acpi.sys
0x806D3000 \SystemRoot\system32\drivers\WMILIB.SYS
0x806DC000 \SystemRoot\system32\drivers\msisadrv.sys
0x806E4000 \SystemRoot\system32\drivers\pci.sys
0x8070B000 \SystemRoot\System32\drivers\partmgr.sys
0x8071A000 \SystemRoot\system32\drivers\volmgr.sys
0x80729000 \SystemRoot\System32\drivers\volmgrx.sys
0x80773000 \SystemRoot\System32\drivers\mountmgr.sys
0x8320B000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x832DB000 \SystemRoot\system32\drivers\fltmgr.sys
0x8330D000 \SystemRoot\system32\drivers\fileinfo.sys
0x8331D000 \SystemRoot\System32\Drivers\ksecdd.sys
0x83C02000 \SystemRoot\system32\drivers\ndis.sys
0x83D0D000 \SystemRoot\system32\drivers\msrpc.sys
0x83D38000 \SystemRoot\system32\drivers\NETIO.SYS
0x83E0E000 \SystemRoot\System32\drivers\tcpip.sys
0x83EF8000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8B209000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8B319000 \SystemRoot\system32\drivers\volsnap.sys
0x8B352000 \SystemRoot\System32\Drivers\spldr.sys
0x8B35A000 \SystemRoot\System32\Drivers\mup.sys
0x8B369000 \SystemRoot\System32\drivers\ecache.sys
0x8B390000 \SystemRoot\system32\drivers\disk.sys
0x8B3A1000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8B3C2000 \SystemRoot\system32\drivers\crcdisk.sys
0x8B3D8000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8B3E3000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8B3EC000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8F602000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x90080000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
0x90082000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x90123000 \SystemRoot\System32\drivers\watchdog.sys
0x9012F000 \SystemRoot\system32\DRIVERS\e1e6032.sys
0x90167000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x90172000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x901B0000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x83D73000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x901BF000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x901CF000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x901DD000 \SystemRoot\system32\DRIVERS\serial.sys
0x83FE3000 \SystemRoot\system32\DRIVERS\serenum.sys
0x901F7000 \SystemRoot\system32\drivers\Afc.sys
0x8338E000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8B200000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x833A6000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x80783000 \SystemRoot\system32\DRIVERS\storport.sys
0x83FED000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x833D5000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x83E00000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x807C4000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x833EC000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x807E7000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x805BB000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x805D0000 \SystemRoot\system32\DRIVERS\termdd.sys
0x83200000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x805E0000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8F600000 \SystemRoot\system32\DRIVERS\swenum.sys
0x90408000 \SystemRoot\system32\DRIVERS\ks.sys
0x90432000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x9043C000 \SystemRoot\system32\DRIVERS\umbus.sys
0x90449000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x9047E000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x90601000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x90809000 \SystemRoot\system32\drivers\portcls.sys
0x90836000 \SystemRoot\system32\drivers\drmk.sys
0x9085B000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0x9087E000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x90887000 \SystemRoot\System32\Drivers\Null.SYS
0x9088E000 \SystemRoot\System32\Drivers\Beep.SYS
0x9089E000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x908A5000 \SystemRoot\System32\drivers\vga.sys
0x908B1000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x908D2000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x908DA000 \SystemRoot\system32\drivers\rdpencdd.sys
0x908E2000 \SystemRoot\System32\Drivers\Msfs.SYS
0x908ED000 \SystemRoot\System32\Drivers\Npfs.SYS
0x908FB000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x90904000 \SystemRoot\system32\DRIVERS\tdx.sys
0x9091A000 \SystemRoot\system32\DRIVERS\smb.sys
0x9092E000 \SystemRoot\system32\drivers\afd.sys
0x90976000 \SystemRoot\System32\DRIVERS\netbt.sys
0x909A8000 \SystemRoot\system32\DRIVERS\pacer.sys
0x909BE000 \SystemRoot\system32\DRIVERS\netbios.sys
0x909CC000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x909DF000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x9048F000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x909E5000 \SystemRoot\system32\drivers\nsiproxy.sys
0x904CB000 \SystemRoot\System32\Drivers\dfsc.sys
0x904E2000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x909EF000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0x904FE000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x909F1000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x909F3000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x90513000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x90895000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x90523000 \SystemRoot\System32\Drivers\fastfat.SYS
0x9054B000 \SystemRoot\system32\DRIVERS\SE4501D.sys
0x905A1000 \SystemRoot\system32\DRIVERS\udfs.sys
0x905DC000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x909FC000 \SystemRoot\System32\Drivers\Lycosa.sys
0x83F13000 \SystemRoot\System32\Drivers\VMUVC.sys
0x83F51000 \SystemRoot\system32\drivers\vvftUVC.sys
0x83FC6000 \SystemRoot\system32\drivers\usbaudio.sys
0x905F3000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x8B3CB000 \SystemRoot\System32\Drivers\crashdmp.sys
0x91A01000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x9A000000 \SystemRoot\System32\win32k.sys
0x91AD1000 \SystemRoot\System32\drivers\Dxapi.sys
0x91ADB000 \SystemRoot\system32\DRIVERS\monitor.sys
0x9A220000 \SystemRoot\System32\TSDDD.dll
0x9A240000 \SystemRoot\System32\cdd.dll
0x91AEA000 \SystemRoot\system32\drivers\luafv.sys
0x91B05000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x91B19000 \SystemRoot\system32\drivers\spsys.sys
0x91BC9000 \SystemRoot\system32\DRIVERS\mdc8021x.sys
0x91BCD000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9FA0B000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9FA35000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9FA3F000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9FA52000 \SystemRoot\system32\drivers\HTTP.sys
0x9FABF000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x9FADC000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9FAF5000 \SystemRoot\System32\drivers\mpsdrv.sys
0x9FB0A000 \SystemRoot\system32\drivers\mrxdav.sys
0x9FB2B000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9FB4A000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9FB83000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9FB9B000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA0C0F000 \SystemRoot\System32\DRIVERS\srv.sys
0xA0C5D000 \SystemRoot\system32\DRIVERS\atksgt.sys
0xA0CA0000 \SystemRoot\system32\DRIVERS\lirsgt.sys
0xA0CA5000 \SystemRoot\system32\drivers\peauth.sys
0xA0D83000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA0D8D000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA0D99000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0xA0DAE000 \SystemRoot\system32\DRIVERS\WUDFPf.sys
0xA0DC0000 \SystemRoot\system32\DRIVERS\MpNWMon.sys
0x76F10000 \Windows\System32\ntdll.dll

Processes (total 81):
0 System Idle Process
4 System
484 C:\Windows\System32\smss.exe
560 csrss.exe
612 C:\Windows\System32\wininit.exe
624 csrss.exe
656 C:\Windows\System32\services.exe
668 C:\Windows\System32\lsass.exe
676 C:\Windows\System32\lsm.exe
760 C:\Windows\System32\winlogon.exe
872 C:\Windows\System32\svchost.exe
936 C:\Windows\System32\nvvsvc.exe
968 C:\Windows\System32\svchost.exe
1004 C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
1112 C:\Windows\System32\svchost.exe
1140 C:\Windows\System32\svchost.exe
1152 C:\Windows\System32\svchost.exe
1340 C:\Windows\System32\audiodg.exe
1364 C:\Windows\System32\svchost.exe
1388 C:\Windows\System32\SLsvc.exe
1416 C:\Windows\System32\svchost.exe
1584 C:\Windows\System32\svchost.exe
1604 C:\Windows\System32\nvvsvc.exe
1832 C:\Windows\System32\spoolsv.exe
1856 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1868 C:\Windows\System32\svchost.exe
256 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
340 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
364 C:\Program Files\Bonjour\mDNSResponder.exe
500 C:\Program Files\Tobit ClipInc\Server\ClipInc-Server.exe
568 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
1176 C:\Program Files\ICQ6Toolbar\ICQ Service.exe
1580 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
2056 C:\Windows\System32\IoctlSvc.exe
2136 C:\Windows\System32\PnkBstrA.exe
2152 C:\Windows\System32\svchost.exe
2168 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
2360 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
2388 C:\Windows\System32\svchost.exe
2472 C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
2500 C:\Windows\System32\svchost.exe
2516 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
2560 C:\Windows\System32\SearchIndexer.exe
2740 WUDFHost.exe
3244 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
3604 C:\Windows\System32\taskeng.exe
3612 C:\Windows\System32\dwm.exe
3660 C:\Windows\System32\taskeng.exe
3692 C:\Windows\explorer.exe
3888 C:\Windows\System32\mobsync.exe
4088 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
2244 C:\Windows\RtHDVCpl.exe
964 C:\Program Files\Siemens\Gigaset USB Adapter 54\PRISMSVR.exe
2944 C:\Program Files\Vimicro\VMUVC\VMonitor.exe
2964 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
3036 C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
1092 C:\Program Files\Microsoft Security Essentials\msseces.exe
1876 C:\Program Files\Tech\Tilt Mouse Software\5.0\ACQTMAPP.exe
652 C:\Program Files\Common Files\Java\Java Update\jusched.exe
4008 C:\Program Files\iTunes\iTunesHelper.exe
3492 C:\Program Files\Razer\Lycosa\razerhid.exe
2308 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2488 C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
2248 C:\Users\Niklas\Program Files\DNA\btdna.exe
3708 C:\Windows\System32\wbem\unsecapp.exe
3760 C:\Program Files\Siemens\Gigaset USB Adapter 54\GigasetUSBMonitor.exe
4004 WmiPrvSE.exe
252 C:\Users\Niklas\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
4300 C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
4380 C:\Program Files\Razer\Lycosa\razertra.exe
4444 C:\Program Files\iPod\bin\iPodService.exe
4576 C:\Windows\System32\svchost.exe
5208 C:\Users\Niklas\AppData\Local\Google\Chrome\Application\chrome.exe
5544 C:\Users\Niklas\AppData\Local\Google\Chrome\Application\chrome.exe
6112 C:\Program Files\Windows Media Player\wmpnetwk.exe
6024 C:\Windows\System32\SearchProtocolHost.exe
6108 C:\Windows\System32\SearchFilterHost.exe
5844 dllhost.exe
2404 dllhost.exe
4708 C:\Users\Niklas\Desktop\MBRCheck.exe
5596 C:\Windows\System32\conime.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000090`09f07e00 (FAT32)

PhysicalDrive0 Model Number: WDCWD6400AACS-00G8B0, Rev: 05.04C05

Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 Windows 98 MBR code detected
SHA1: 48F01D7E76A0F3C038D08611E3FDC0EE4EF9FD3E


Done!

_________________
Sorry for the double post; for me this is not about the number of posts but about getting help.
And thanks to you and the website for helping me.

cosinus 06.01.2011 23:13

Quote:

596 GB \\.\PhysicalDrive0 Windows 98 MBR code detected
SHA1: 48F01D7E76A0F3C038D08611E3FDC0EE4EF9FD3E
Do you have any other operating systems installed besides Vista?

If not: have a look here => Vista Notfall/Recovery-CD 32-Bit - Dr. Windows

Download the ISO, burn it to a CD, e.g. with ImgBurn using its image-burning function, and start the computer with it (boot from this CD).

If you have a regular Vista installation DVD, you don't need the image mentioned above and can simply boot from the Vista DVD.

Click "Repair your computer" (Computerreparaturoptionen), Next, Command Prompt - the console opens. There, please type bootrec.exe /fixboot (confirm with Enter), then type bootrec.exe /fixmbr (confirm with Enter) - restart the computer, taking the CD out beforehand.
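The kind of check behind the "MBR Status" line quoted above, as an added example that is not part of the original post and is not MBRCheck's own code: it validates a 512-byte MBR sector, hashes the boot code against a caller-supplied allowlist and decodes the partition table. Assumptions: the hashed range (first 440 bytes) is this example's choice, the sample sector and partition sizes are constructed, and only the two partition offsets are taken from the log.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # assumption: hash bytes 0..439 (bootstrap code area)
PART_TABLE_OFF = 446     # four 16-byte partition entries start here
BOOT_SIG = b"\x55\xaa"   # required at bytes 510..511
PART_TYPES = {0x07: "NTFS/exFAT", 0x0B: "FAT32 (CHS)", 0x0C: "FAT32 (LBA)"}


def boot_code_sha1(sector):
    """SHA-1 of the bootstrap code area, upper-case hex like the log."""
    return hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest().upper()


def inspect_mbr(sector, known_good):
    """Report on one MBR sector; known_good maps SHA-1 -> label (caller-supplied)."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly 512 bytes")
    partitions = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i:PART_TABLE_OFF + 16 * (i + 1)]
        ptype = entry[4]
        if ptype == 0:                       # unused slot
            continue
        lba_start, count = struct.unpack_from("<II", entry, 8)
        partitions.append({
            "index": i,
            "active": entry[0] == 0x80,
            "type": PART_TYPES.get(ptype, hex(ptype)),
            "byte_offset": lba_start * SECTOR_SIZE,
            "size_bytes": count * SECTOR_SIZE,
        })
    digest = boot_code_sha1(sector)
    return {
        "signature_ok": sector[510:512] == BOOT_SIG,
        "boot_code_sha1": digest,
        # Boot code that matches no reference hash deserves a closer look.
        "boot_code_label": known_good.get(digest, "UNKNOWN boot code"),
        "partitions": partitions,
    }


def build_sample_mbr():
    """Constructed sample: placeholder boot code, offsets of C: and D: from the log."""
    def entry(status, ptype, lba, count):
        return struct.pack("<B3sB3sII", status, bytes(3), ptype, bytes(3), lba, count)
    boot_code = b"CONSTRUCTED-BOOT-CODE".ljust(BOOT_CODE_LEN, b"\x90")
    table = (entry(0x80, 0x07, 0x100000 // SECTOR_SIZE, 1_000_000)        # C: NTFS
             + entry(0x00, 0x0C, 0x9009F07E00 // SECTOR_SIZE, 500_000)    # D: FAT32
             + bytes(32))                                                 # two empty slots
    return boot_code.ljust(PART_TABLE_OFF, b"\0") + table + BOOT_SIG


if __name__ == "__main__":
    sample = build_sample_mbr()
    reference = {boot_code_sha1(sample): "reference boot code (constructed)"}
    report = inspect_mbr(sample, reference)
    print(report["signature_ok"], report["boot_code_label"], report["boot_code_sha1"])
    for part in report["partitions"]:
        print(part)
```

Comparing the report before and after the bootrec.exe /fixmbr step shows whether the boot code hash changed while the partition entries stayed the same.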

Osswald 06.01.2011 23:19

Um, could you please explain to me what "booting" means?
And how I start the computer from a CD, just that part please.
I don't know my way around this area very well...

Osswald 06.01.2011 23:29

Oh, and no, I don't have any operating systems installed other than Vista.
Vista was already installed when I bought the PC.

cosinus 07.01.2011 10:31

http://www.trojaner-board.de/81857-c...cd-booten.html

Osswald 07.01.2011 18:40

And can you also burn that to a DVD+RW?

cosinus 07.01.2011 19:51

Better to use a CD-R or CD-RW blank. I haven't tested this with DVD blanks.

Osswald 07.01.2011 21:51

Hm, unfortunately I don't have a CD.

