Er sagt (in grün): Ok <Dos/Win32 Boot code found>

Dann ist es erstmal ok. :)
Sag Bescheid falls noch weitere Unstimmigkeiten da sein sollten, in den bisherigen Fällen war nach der MBR-Reparatur das Phänomen weg und man konnte weder vor noch nach der Reparatur Aufälligkeiten in den Logs erkennen (es sei denn es wurde was übersehen)

Zur Kontrolle würde ich aber noch vorschlagen:

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Starte bitte die OTL.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Kopiere nun den Inhalt in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox.

• Schliesse bitte nun alle Programme. (Wichtig)
• Klicke nun bitte auf den Quick Scan Button.
• Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
• Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Ok- hab ich gemacht! Soll ich nu auf 'Bereinigen' klicken oder so?

Das entscheidende OTL-Log fehlt, bitte nachreichen.

Jep, habe das gerade gesehen, Flüchtigkeitsfehler... Sorry. Leider konnte ich es nu gerade nicht als Anhang beifügen (Zu groß!?), drum paste ich ich das hierhin. Nochwas: Als ich den Rechner heute hochgefahren habe, erzählte mir mein Rechner "Die neue Hardware ist nun installiert, aber der Rechner muss dafür noch neu gestartet werden" -ich habe gar keine neue Hardware installiert! Jedenfalls klappte der WLan Zugang danach nicht (obwohl alles so angezeigt wurde als ob es okay wär, alle Bälkchen grün und so). Nach neustart geht das Inet nu wieder. Hmmm... seltsam. Na hier erstmal der OTL Text:



OTL Logfile:
--- --- ---

Ok. Von sowas wie ZoneAlarm solltest Du Dich trennen, diese Software ist sinnfrei.
Lies einfach mal hier, ich denke dann sollte es etwas klarer werden:

Personal_Firewalls - ubuntuusers.de
NT-Dienste sicher konfigurieren und abschalten (Windows 2000/XP) - www.ntsvcfg.de
microsoft.public.de.security.heimanwender FAQ

Dann wirst Du feststellen, dass es einfach nur unnötig ist, sich das System mit einer weiteren angeblichen Schutzkomponente zu verhunzen... :rolleyes:

Malwarebefall vermeiden kannst Du sowieso nur, wenn Du selbst Dein verhalten in den Griff bekommst => Kompromittierung unvermeidbar?


Bitte nach der Deinstallation von ZoneAlarm CF anwenden:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

• Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.

http://saved.im/mtm0nzyzmzd5/cofi.jpg

• Dann folgende Anleitung durchlesen und abarbeiten -> CCleaner Systembereinigung

• Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

• Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
  Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

• Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

OK; habe ich alles so gemacht! Vielen vielen Dank für deine ausführlichen Erklärungen!! :dankeschoen: muss mir nochmal in Ruhe die Links durchlesen, was ich soweit gelesen habe fand ich sehr erhellend. Wenn ich das richtig verstanden habe: nur die Windows Firewall benutzen (regelmäßig geupdated) reicht, richtig? Die Lautstärke war allerdings zwischendurch wieder mal weg :(
hier der CoFi Text:

Combofix Logfile:
--- --- ---

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus

OK- erledigt! Gmer gab Bluescreens, aber OSAM lief

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 14:04:30 on 09.07.2010
OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.3

Scanner Settings
Rootkits detection (hidden registry)
Rootkits detection (hidden files)
Retrieve files information
Check Microsoft signatures

Filters
Trusted entries
Empty entries
Hidden registry entries (rootkit activity)
Exclusively opened files
Not found files
Files without detailed information
Existing files
Non-startable services
Non-startable drivers
Active entries
Disabled entries

Risk Name Publisher Full Path Status
Common
%SystemRoot%\Tasks
"AdobeAAMUpdater-1.0-HOME-PC-Administrator.job" "Adobe Systems Incorporated" C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe File exists
|||| "GoogleUpdateTaskMachineCore.job" "Google Inc." C:\Programme\Google\Update\GoogleUpdate.exe File exists
|||| "GoogleUpdateTaskMachineUA.job" "Google Inc." C:\Programme\Google\Update\GoogleUpdate.exe File exists
|||| "GoogleUpdateTaskUserS-1-5-21-1644491937-1450960922-725345543-500Core.job" "Google Inc." C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe File exists
|||| "GoogleUpdateTaskUserS-1-5-21-1644491937-1450960922-725345543-500UA.job" "Google Inc." C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe File exists
"PCDoctorBackgroundMonitorTask.job" C:\Programme\PCDR5\pcdr5cuiw32.exe File found, but it contains no detailed information
|||| "1-Klick-Wartung.job" "TuneUp Software GmbH" C:\Programme\TuneUpUtilities2006\SystemOptimizer.exe File exists
Control Panel Objects
%SystemRoot%\system32
|||||| "ac3filter.cpl" C:\WINDOWS\system32\ac3filter.cpl File exists
|||||| "BCMWLCPL.CPL" "Broadcom Corporation" C:\WINDOWS\system32\BCMWLCPL.CPL File exists
|| "DivXControlPanelApplet.cpl" "DivX, Inc." C:\WINDOWS\system32\DivXControlPanelApplet.cpl File exists
|||||| "infocardcpl.cpl" "Microsoft Corporation" C:\WINDOWS\system32\infocardcpl.cpl File exists
|||||| "javacpl.cpl" "Sun Microsystems, Inc." C:\WINDOWS\system32\javacpl.cpl File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls
|||||| "Adobe Version Cue CS4" "Adobe Systems Incorporated" C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.cpl File exists
|||||| "mlcfg32.cpl" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\MLCFG32.CPL File exists
|||||| "Nero BurnRights" "Nero AG" C:\Programme\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl File exists
|||||| "QuickTime" "Apple Inc." C:\Programme\QuickTime\QTSystem\QuickTime.cpl File exists
Drivers
HKLM\SYSTEM\CurrentControlSet\Services
"adfs" (adfs) C:\WINDOWS\system32\drivers\adfs.sys File not found
"ak1avs" (ak1avs) "Native Instruments GmbH" C:\WINDOWS\System32\Drivers\ak1avs.sys File exists
"ak1usb" (ak1usb) "Native Instruments GmbH" C:\WINDOWS\System32\Drivers\ak1usb.sys File exists
|||||| "Anchorfree HSS Adapter" (taphss) "AnchorFree Inc" C:\WINDOWS\System32\DRIVERS\taphss.sys File exists
|||||| "aswFsBlk" (aswFsBlk) "ALWIL Software" C:\WINDOWS\system32\drivers\aswFsBlk.sys File exists
|||||| "aswRdr" (aswRdr) "ALWIL Software" C:\WINDOWS\system32\drivers\aswRdr.sys File exists
|||||| "aswSP" (aswSP) "ALWIL Software" C:\WINDOWS\system32\drivers\aswSP.sys File exists
|||||| "avast! Asynchronous Virus Monitor" (Aavmker4) "ALWIL Software" C:\WINDOWS\system32\drivers\Aavmker4.sys File exists
|||||| "avast! Network Shield Support" (aswTdi) "ALWIL Software" C:\WINDOWS\system32\drivers\aswTdi.sys File exists
|||||| "avast! Standard Shield Support" (aswMon2) "ALWIL Software" C:\WINDOWS\system32\drivers\aswMon2.sys File exists
"catchme" (catchme) C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\catchme.sys File not found
"Changer" (Changer) C:\WINDOWS\system32\drivers\Changer.sys File not found
|||||| "Cisco Systems Inc. IPSec Driver" (CVPNDRVA) "Cisco Systems, Inc." C:\WINDOWS\system32\Drivers\CVPNDRVA.sys File exists
"i2omgmt" (i2omgmt) C:\WINDOWS\system32\drivers\i2omgmt.sys File not found
"iMSPQMn" (iMSPQMn) C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\iMSPQMn.sys File not found
"InCD Reader" (InCDRm) C:\WINDOWS\System32\drivers\InCDRm.sys File not found
"InCDPass" (InCDPass) C:\WINDOWS\System32\drivers\InCDPass.sys File not found
"lbrtfdc" (lbrtfdc) C:\WINDOWS\system32\drivers\lbrtfdc.sys File not found
"PCDRNDISUIO Usermode I/O Protocol" (PcdrNdisuio) C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys File not found
"PCIDump" (PCIDump) C:\WINDOWS\system32\drivers\PCIDump.sys File not found
"PDCOMP" (PDCOMP) C:\WINDOWS\system32\drivers\PDCOMP.sys File not found
"PDFRAME" (PDFRAME) C:\WINDOWS\system32\drivers\PDFRAME.sys File not found
"PDRELI" (PDRELI) C:\WINDOWS\system32\drivers\PDRELI.sys File not found
"PDRFRAME" (PDRFRAME) C:\WINDOWS\system32\drivers\PDRFRAME.sys File not found
|||||| "PQNTDrv" (PQNTDrv) "PowerQuest Corporation" C:\WINDOWS\system32\drivers\PQNTDrv.sys File exists
|||||| "PxHelp20" (PxHelp20) "Sonic Solutions" C:\WINDOWS\System32\Drivers\PxHelp20.sys File exists
|||||| "TPkd" (TPkd) "PACE Anti-Piracy, Inc." C:\WINDOWS\system32\drivers\TPkd.sys File exists
"WDICA" (WDICA) C:\WINDOWS\system32\drivers\WDICA.sys File not found
Explorer
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
|||||| {BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Web Folders" "Microsoft Corporation" C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL File exists
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
|||||| {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" "Microsoft Corporation" C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install File exists
HKLM\Software\Classes\Folder\shellex\ColumnHandlers
|||||| {7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" "Nero AG" C:\Programme\Gemeinsame Dateien\Ahead\lib\NeroDigitalExt.dll File exists
|||||| {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" "Adobe Systems, Inc." C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll File exists
HKLM\Software\Classes\Protocols\Filter
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" "Microsoft Corporation" C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL File exists
HKLM\Software\Classes\Protocols\Handler
|||||| {12D51199-0DB5-46FE-A120-47A3D7D937CC} "DVD: Pluggable Protocol" "Microsoft Corporation" C:\WINDOWS\system32\msvidctl.dll File exists
|||||| {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" "Microsoft Corporation" C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll File exists
|||||| {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" "Skype Technologies" C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL File exists
|||||| {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} "TV: Pluggable Protocol" "Microsoft Corporation" C:\WINDOWS\system32\msvidctl.dll File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
|||||| {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
|||||| {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" "Adobe Systems Inc." C:\Programme\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll File exists
|||||| {472083B0-C522-11CF-8763-00608CC02F24} "avast" "AVAST Software" C:\Programme\Alwil Software\Avast5\ashShell.dll File exists
|||||| {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" "Microsoft Corporation" C:\Programme\Microsoft Office\Office14\VISSHE.DLL File exists
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" deskpan.dll File not found
|||||| {7CCA70DB-DE7A-4FB7-9B2B-52E2335A3B5A} "Enterprise Projects" "Microsoft Corporation" C:\Programme\Microsoft Office\Office14\NAMEEXT.DLL File exists
|||||| {1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
|||||| {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
|||||| {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
|||||| {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
|||||| {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
|||||| {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" File not found | COM-object registry key not found
|||||| {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
|||||| {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
|||||| {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
|||||| {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" File not found | COM-object registry key not found
|||||| {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" "Microsoft Corporation" C:\Programme\Microsoft Office\Office14\VISSHE.DLL File exists
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" File not found | COM-object registry key not found
|||||| {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" "Microsoft Corporation" C:\Programme\Microsoft Office\Office14\msohevi.dll File exists
|||||| {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" "Microsoft Corporation" C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll File exists
|||||| {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" "Microsoft Corporation" C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll File exists
|||||| {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" "Microsoft Corporation" C:\Programme\Microsoft Office\Office14\ONFILTER.DLL File exists
|||||| {00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\MLSHEXT.DLL File exists
|||||| {B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" "Nero AG" C:\Programme\Gemeinsame Dateien\Ahead\lib\NeroDigitalExt.dll File exists
|||||| {7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" "Nero AG" C:\Programme\Gemeinsame Dateien\Ahead\lib\NeroDigitalExt.dll File exists
|||||| {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" "Microsoft Corporation" C:\Programme\Microsoft Office\Office14\OLKFSTUB.DLL File exists
|||||| {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" "Microsoft Corporation" C:\WINDOWS\system32\dfshim.dll File exists
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" File not found | COM-object registry key not found
|||||| {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" "Microsoft Corporation" C:\WINDOWS\system32\dfshim.dll File exists
{00DF1F20-0849-A4D1-0239-00D0AF3E9CB0} "TuneUp Shredder Shell Context Menu Extension" File not found | COM-object registry key not found
|||||| {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" "Microsoft Corporation" C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL File exists
|||||| {59525F37-21B7-4ED7-9568-A0F421FBA3A4} "Web Sites" "Microsoft Corporation" C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\14\BIN\FPNSE.DLL File exists
|||||| {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" C:\Programme\WinRAR\rarext.dll File found, but it contains no detailed information
|||||| {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Workspaces" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL File exists
Internet Explorer
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
|||| "Adobe PDF" "Adobe Systems Incorporated" C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll File exists
ITBar7Height "ITBar7Height" File not found | COM-object registry key not found
"ITBar7Layout" File not found | COM-object registry key not found
"ITBarLayout" File not found | COM-object registry key not found
|||| "My Web Search" "MyWebSearch.com" C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL File exists
"{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}" File not found | COM-object registry key not found
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks
|||| {00A6FAF6-072E-44cf-8957-5838F569A31D} "{00A6FAF6-072E-44cf-8957-5838F569A31D}" "MyWebSearch.com" C:\Programme\MyWebSearch\bar\1.bin\MWSSRCAS.DLL File exists
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units
|||| {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} "Java Plug-in 1.4.2_05"
hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab "JavaSoft / Sun Microsystems, Inc." C:\Programme\Java\j2re1.4.2_05\bin\npjpi142_05.dll File exists
|||| {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_20.dll File exists
|||| {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_20.dll File exists
|||| {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_20.dll File exists
|||||| {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object"
hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab "Adobe Systems, Inc." C:\WINDOWS\system32\Macromed\Flash\Flash10g.ocx File exists
|||| {17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool"
hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab "Microsoft Corporation" C:\WINDOWS\system32\LegitCheckControl.DLL File exists
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
|||||| {FFFDC614-B694-4AE6-AB38-5D6374584B52} "OneNote Lin&ked Notes" "Microsoft Corporation" C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll File exists
|||| {48E73304-E1D6-4330-914C-F5F514E3486C} "Send to OneNote" "Microsoft Corporation" C:\Programme\Microsoft Office\Office14\ONBttnIE.dll File exists
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
|||| "Adobe PDF" "Adobe Systems Incorporated" C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll File exists
|||| {07B18EA9-A523-4961-B6BB-170DE4475CCA} "My Web Search" "MyWebSearch.com" C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
|||| {AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" "Adobe Systems Incorporated" C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll File exists
|||| {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\jp2ssv.dll File exists
|||| {07B18EA1-A523-4961-B6BB-170DE4475CCA} "mwsBar BHO" "MyWebSearch.com" C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL File exists
|||| {00A6FAF1-072E-44cf-8957-5838F569A31D} "MyWebSearch Search Assistant BHO" "MyWebSearch.com" C:\Programme\MyWebSearch\bar\1.bin\MWSSRCAS.DLL File exists
|||||| {B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" "Microsoft Corporation" C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL File exists
Logon
%AllUsersProfile%\Startmenü\Programme\Autostart
|||||| "desktop.ini" C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini File exists
|||||| "VPN Client.lnk" "Cisco Systems, Inc." C:\Programme\Cisco Systems\VPN Client\vpngui.exe Shortcut exists | File exists
%UserProfile%\Startmenü\Programme\Autostart
|||||| "desktop.ini" C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\desktop.ini File exists
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|||| "Google Update" "Google Inc." "C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c File exists
|||| "MyWebSearch Email Plugin" "MyWebSearch.com" C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe File exists
|||||| "Rainlendar2" C:\Programme\Rainlendar2\Rainlendar2.exe File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
|||| "AzMixerSel" "Realtek Semiconductor Corp." C:\Programme\Realtek\InstallShield\AzMixerSel.exe File exists
|||| "Broadcom Wireless Manager UI" "Broadcom Corporation" C:\WINDOWS\system32\WLTRAY.exe File exists
|||| "My Web Search Bar Search Scope Monitor" "MyWebSearch.com" "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h File exists
|||| "MyWebSearch Email Plugin" "MyWebSearch.com" C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe File exists
|||| "TPWAUDAP" "Lenovo Group Limited" C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe File exists
Network Providers
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
|||||| "Broadcom 802.11 Network Adapter Logon Provider" "Broadcom Corporation" C:\WINDOWS\System32\BCMLogon.dll File exists
|||||| "Citrix Single Sign-on" "Citrix Systems, Inc." C:\Programme\Citrix\ICA Client\pnsson.dll File exists
Services
HKLM\SYSTEM\CurrentControlSet\Services
|||||| ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe File exists
|||||| "Adobe LM Service" (Adobe LM Service) "Adobe Systems" C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe File exists
|||||| "Adobe Version Cue CS4" (Adobe Version Cue CS4) "Adobe Systems Incorporated" C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe File exists
"Akamai NetSession Interface" (Akamai) c:\programme\gemeinsame dateien\akamai\rswin_3725.dll File found, but it contains no detailed information
|||||| "ASP.NET-Zustandsdienst" (aspnet_state) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe File exists
|||||| "avast! Antivirus" (avast! Antivirus) "AVAST Software" C:\Programme\Alwil Software\Avast5\AvastSvc.exe File exists
|||||| "avast! Mail Scanner" (avast! Mail Scanner) "AVAST Software" C:\Programme\Alwil Software\Avast5\AvastSvc.exe File exists
|||||| "avast! Web Scanner" (avast! Web Scanner) "AVAST Software" C:\Programme\Alwil Software\Avast5\AvastSvc.exe File exists
|||||| "Broadcom Wireless LAN Tray Service" (wltrysvc) C:\WINDOWS\System32\WLTRYSVC.EXE File found, but it contains no detailed information
|||||| "Cisco Systems, Inc. VPN Service" (CVPND) "Cisco Systems, Inc." C:\Programme\Cisco Systems\VPN Client\cvpnd.exe File exists
|||||| "FLEXnet Licensing Service" (FLEXnet Licensing Service) "Acresso Software Inc." C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe File exists
|||||| "Fn+F5 Service" (FNF5SVC) "Lenovo." C:\Programme\LENOVO\HOTKEY\FNF5SVC.exe File exists
|||| "Google Update Service (gupdate)" (gupdate) "Google Inc." C:\Programme\Google\Update\GoogleUpdate.exe File exists
|||| "InstallDriver Table Manager" (IDriverT) "Macrovision Corporation" C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe File exists
|||||| "Java Quick Starter" (JavaQuickStarterService) "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\jqs.exe File exists
|||||| "Macromedia Licensing Service" (Macromedia Licensing Service) C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe File exists
|||||| "Microsoft SharePoint Workspace Audit Service" (Microsoft SharePoint Workspace Audit Service) "Microsoft Corporation" C:\Programme\Microsoft Office\Office14\GROOVE.EXE File exists
|||| "My Web Search Service" (MyWebSearchService) "MyWebSearch.com" C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe File exists
"NIHardwareService" (NIHardwareService) "Native Instruments GmbH" C:\Programme\Gemeinsame Dateien\Native Instruments\Hardware\NIHardwareService.exe File exists
"nProtect GameGuard Service" (npggsvc) "INCA Internet Co., Ltd." C:\WINDOWS\system32\GameMon.des File exists
|||||| "Office Source Engine" (ose) "Microsoft Corporation" C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE File exists
|||||| "Office Software Protection Platform" (osppsvc) "Microsoft Corporation" C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE File exists
|| "PMSveH" (PMSveH) "Lenovo" C:\Programme\Lenovo\PM Driver\PMSveH.exe File exists
|||||| "SwitchBoard" (SwitchBoard) "Adobe Systems Incorporated" C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe File exists
|||||| "TuneUp WinStyler Theme Service" (TUWinStylerThemeSvc) "TuneUp Software GmbH" C:\Programme\TuneUpUtilities2006\WinStylerThemeSvc.exe File exists
|||||| "Windows CardSpace" (idsvc) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe File exists
|||||| "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe File exists
Winlogon
HKCU\Control Panel\IOProcs
"MVB" mvfs32.dll File not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
"tphotkey" "Lenovo Group Limited" C:\Programme\Lenovo\HOTKEY\tphklock.dll File exists
|||| "WgaLogon" "Microsoft Corporation" C:\WINDOWS\system32\WgaLogon.dll File exists

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru