Sorry hja gestern Abend funtionierte sie. Mein Man hat den Rechner dan normal runtergefahren und als wir ihn heute anmachten startete eine Endlosschleife...update 3von3 wird konfiguriert jedoch kein Fortschritt0% und dann faehrt er runter und startet neu.es funtioniert keiner der abgesicherten Modi und die Windiws Starthilfe landet auch nach einer Sekunde wieder bei der Auswahl..kann an jetzt noch irgendwas machen???
Sorry fuer die Fehler...tippe mit dem Handy ist etwas frickelig zu korrigieren..

Funktioniert der abgesicherte Modus mit Netzwerktreibern noch?

Nein alle drei Varianten des abgesicherten Modus funktionieren nicht es geht bis zu dem Windowssymbol und dann fährt er runter und bootet neu...womit die Schleife von vorn beginnt...

Probier mal die letzte als funktionierend bekannte Konfig zu booten

das kannte ich bis gerade noch nicht, habe ich aber google sei dank gefunden und dauerte relativ lange, endete dann aber in der gleichen Schleife

Hmpf...
Kommst du über F8 in die Computerreparaturoptionen?

Unter erweiterte Startoptionen gab es den Punkt "Computer reparieren", das meointest du oder?
Habe ich drauf geklickt...dauert ne Weile und endet dann auch in der Schleife...

Das sieht nicht gut aus, ...

Hast du einen zweiten funktionierenden Rechner mit CD-Brenner da? Wenn ja, könnte man mit Glück über OTLPE noch was sehen.


Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten:

Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.

• Lade OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
• Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
• Lege eine leere CD in Deinen Brenner.
• ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
• Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
• Du kannst nun die Fenster des Brennprogramms schließen.

Nun boote von der OTLPE CD. Hinweis: Wie boote ich von CD

• Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
• Mache einen Doppelklick auf das OTLPE Icon.
• Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
• Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
• Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
• Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
• OTLpe sollte nun starten.
• Drücke Run Scan, um den Scan zu starten.
• Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
• Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
• Bitte poste den Inhalt von C:\OTL.Txt und Extras.Txt.

Also das hat funktioniert....hast du ne Ahnung was da jetzt passiert ist? Einfach nur aus Interesse?!
Hier die log-Dateien:
OTL Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL Extras logfile created on: 5/7/2013 5:15:19 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 72.07 Gb Free Space | 48.35% Space Free | Partition Type: NTFS
Drive D: | 14.91 Gb Total Space | 3.99 Gb Free Space | 26.79% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\CEWE COLOR\Mein CEWE FOTOBUCH\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mein CEWE FOTOBUCH] -- "C:\Program Files\CEWE COLOR\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03F39988-365B-3491-2DE8-47D2F40B658C}" = Catalyst Control Center Localization Dutch
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Create
"{0BF78E88-A7C9-4406-89CF-0BA473BA7821}" = Orion
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1962A938-85FA-AEC7-A533-5D78D976621D}" = Catalyst Control Center Localization Danish
"{1D54B4A2-9CF9-BEC1-BF40-FB67B64FBD37}" = Catalyst Control Center Localization Korean
"{2077FEAB-E2DE-A9C9-52EA-D059F78507A7}" = Catalyst Control Center Localization Turkish
"{232A093A-208F-5A12-1B55-199C0126D140}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2A13103F-809F-4A5F-D5D5-0462B463CE26}" = Catalyst Control Center Localization German
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{31F4E894-2B51-890F-3A04-89AA16C1B667}" = Catalyst Control Center Localization Russian
"{34AFE453-F544-4269-89C9-CAB7F0744963}" = Nuance OmniPage 17
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{3594EE90-B157-4519-9E82-8B6F4711A0A1}" = Catalyst Control Center - Branding
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel(R) PROSet/Wireless WiFi-Software
"{363D1E82-40C5-C298-4C73-BD72E58168B4}" = Catalyst Control Center Localization Greek
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4097D40F-FB75-869F-18A0-637635A5FAA0}" = Catalyst Control Center Localization Chinese Traditional
"{427967BF-09F8-46D5-9275-37001CCBBA5D}" = Winbond CIR Drivers
"{432B7B0E-D471-1A8A-B43D-99C52D0DF092}" = Catalyst Control Center Localization Norwegian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{506C49D5-1A41-FEBF-8A0B-F4481C73F1DD}" = Catalyst Control Center Localization Swedish
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{584BFB71-3D12-8720-F222-7739726C3E7C}" = Catalyst Control Center Core Implementation
"{58A5DF2E-E32A-DDD5-2724-181DFB0FDD98}" = Kolay gelsin! Vokabeltrainer
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5D5D742B-171C-2C00-810F-3DD837FDE520}" = Catalyst Control Center Localization Hungarian
"{61232CEF-6A36-A4F2-4242-605518175098}" = Catalyst Control Center Localization Finnish
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77B74177-25E3-6801-D4F6-514E0926F3B8}" = Catalyst Control Center Localization Chinese Standard
"{77BDD5AF-E4AC-E3F7-449C-5F5621A84A73}" = Catalyst Control Center Localization Italian
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F149393-7D14-B0EF-154F-3B83D57725AA}" = Catalyst Control Center Localization French
"{821D7BFA-918B-EDCE-15A5-6C6BAB0528A1}" = Catalyst Control Center Localization Thai
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{851DE017-C00B-4A50-B413-4C05740AF56E}" = Nuance PDF Create! 5
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EAA36CC-E2CA-44AA-B113-CD65FD0F3AC8}" = ScanSoft PaperPort 11
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0F147B7-115C-A8D8-EFB8-B891D0DB39D1}" = ATI Catalyst Install Manager
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AF04BC19-3F00-2F3A-2499-19A998E84B95}" = Catalyst Control Center Localization Japanese
"{B1C2147A-54CE-070A-C844-E69C203A3202}" = ccc-core-static
"{B3251D6A-05E1-252C-64A6-4E6A7FE8F6B4}" = Catalyst Control Center Localization Portuguese
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C40AEEAE-DB5D-F537-0A90-A5F75DEE192D}" = Catalyst Control Center Localization Spanish
"{CDBE2FB7-5098-0277-2AE9-145ECE3C0773}" = Catalyst Control Center Localization Czech
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}" = WISO Steuer-Sparbuch 2013
"{DA472378-2901-09E2-E9B9-019342B8CCD0}" = ccc-utility
"{DEAFFA41-FCE8-EBA5-3918-55F9672F75F8}" = Catalyst Control Center Localization Polish
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"am-hoteldashtmsuitesuccesstm" = Hotel Dash(TM) - Suite Success(TM)
"AudibleManager" = AudibleManager
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"de.klett.vokabeltrainer.kolaygelsin.994B08470047E3B9846080C577877A5B72079D21.1" = Kolay gelsin! Vokabeltrainer
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"LManager" = Launch Manager
"Mein CEWE FOTOBUCH" = Mein CEWE FOTOBUCH
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 12.14.1738" = Opera 12.14
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"Verbindungsassistent" = Verbindungsassistent
"Winamp" = Winamp
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Anika_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
< End of report >
         

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

OTL Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 5/7/2013 5:10:48 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 72.07 Gb Free Space | 48.35% Space Free | Partition Type: NTFS
Drive D: | 14.91 Gb Total Space | 3.99 Gb Free Space | 26.79% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand] --  -- (wbengine)
SRV - [2013/04/12 05:33:42 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/07 08:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/09/28 04:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/11/18 07:09:24 | 000,330,696 | ---- | M] () [Auto] -- C:\Program Files\Verbindungsassistent\WTGService.exe -- (WTGService)
SRV - [2008/10/16 11:26:20 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/10/16 10:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/02/25 04:50:10 | 000,491,008 | ---- | M] (Egis Incorporated) [Auto] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/20 06:32:04 | 000,131,072 | ---- | M] (Acer Inc.) [Auto] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/12/19 13:09:22 | 000,024,576 | ---- | M] () [Auto] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/11/27 13:54:36 | 000,110,592 | ---- | M] () [Auto] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007/11/22 04:01:00 | 000,358,936 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/10/01 11:42:36 | 000,024,576 | ---- | M] (Acer Inc.) [Auto] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007/09/20 08:57:28 | 000,167,936 | ---- | M] (acer) [Auto] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - File not found [Kernel | Auto] --  -- (int15)
DRV - File not found [Kernel | On_Demand] --  -- (catchme)
DRV - [2013/04/24 10:49:26 | 000,022,056 | ---- | M] (Emsisoft GmbH) [Kernel | System] -- C:\Users\Anika\Downloads\EmsisoftEmergencyKit_3.0.0.3\Run\a2ddax86.sys -- (A2DDA)
DRV - [2013/02/23 14:00:54 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/11/17 01:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/03/10 22:11:00 | 008,240,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/01/30 04:24:00 | 003,483,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/01/23 22:29:00 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2008/01/23 22:29:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008/01/04 12:15:08 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto] -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2007/10/30 22:36:32 | 002,252,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007/08/08 15:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/07/30 06:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 05:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/06/12 05:38:26 | 001,729,152 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Anika_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\Anika_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\Anika_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Anika_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\System32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/12 05:33:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/12 05:33:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/12 05:33:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/12 05:33:32 | 000,000,000 | ---D | M]
 
[2012/12/27 06:45:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anika\AppData\Roaming\Mozilla\Extensions
[2013/05/04 05:45:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anika\AppData\Roaming\Mozilla\Firefox\Profiles\9rdhqelb.default\extensions
[2013/04/12 05:33:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- 
[2013/04/12 05:33:43 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/28 11:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2013/02/06 12:48:45 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/02/06 12:48:45 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/02/06 12:48:45 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013/02/06 12:48:45 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/02/06 12:48:45 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/02/06 12:48:45 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2013/05/04 15:22:02 | 000,000,855 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Create 5\bin\ZeonIEFavClient.dll (Zeon Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {F443A627-5009-4323-9C1D-7FD598D0D712} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Nuance PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Create 5\bin\ZeonIEFavClient.dll (Zeon Corporation)
O3 - HKU\Anika_ON_C\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [Nuance OmniPage 17-reminder] C:\Program Files\Nuance\OmniPage17\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Create 5\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files\Nuance\PDF Create 5\PdfCreate5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PLFSet] C:\Windows\PLFSet.dll ( )
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\Anika_ON_C..\Run: [KiesPreload]  File not found
O4 - Startup: C:\Users\Anika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk =  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\Anika_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Anika_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\Anika_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: An vorhandene PDF-Datei anhängen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Inhalt der ausgewählten Links an vorhandene PDF-Datei anhängen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Linkinhalt an vorhandene PDF-Datei anhängen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: PDF-Datei aus Linkinhalt erstellen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: PDF-Datei erstellen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: PDF-Dateien aus den ausgewählten Links erstellen - C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img11.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img11.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/02/20 17:22:22 | 000,000,000 | ---D | M] - D:\Autogenes Training -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/05/05 01:45:28 | 000,238,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/05/04 15:39:16 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/05/04 15:34:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2013/05/04 14:25:56 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/05/04 13:49:30 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/05/04 13:48:15 | 000,000,000 | ---D | C] -- C:\Users\Anika\Desktop\tweaking.com_windows_repair_aio
[2013/05/04 09:44:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/05/04 05:38:13 | 000,000,000 | ---D | C] -- C:\Users\Anika\AppData\Roaming\Intel
[2013/05/04 05:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2013/05/04 05:37:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2013/05/04 05:37:08 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2013/05/04 05:36:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2013/05/04 05:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013/05/04 05:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/05/04 05:35:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/05/03 18:13:26 | 000,000,000 | ---D | C] -- C:\Users\Anika\AppData\Roaming\Zeon
[2013/05/02 14:51:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/04/30 05:58:22 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/04/30 05:58:11 | 000,000,000 | ---D | C] -- C:\JRT
[2013/04/27 07:07:54 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013/04/27 04:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/04/27 04:15:28 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/04/27 04:15:28 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/04/27 04:15:28 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/04/26 05:49:04 | 000,545,926 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Anika\Desktop\JRT.exe
[2013/04/26 04:05:38 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/04/26 04:05:38 | 000,000,000 | ---D | C] -- C:\Users\Anika\AppData\Local\temp
[2013/04/26 03:57:01 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/04/26 03:39:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/04/26 03:39:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/04/26 03:39:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/04/26 03:38:44 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/04/26 03:17:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/26 03:15:13 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/04/25 14:38:22 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Anika\Desktop\tdsskiller.exe
[2013/04/25 14:12:14 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Anika\Desktop\aswMBR.exe
[2013/04/25 09:06:39 | 000,000,000 | ---D | C] -- C:\Users\Anika\Desktop\mbar
[2013/04/25 07:17:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Anika\Desktop\OTL.exe
[2013/04/22 11:42:28 | 000,000,000 | ---D | C] -- C:\Users\Anika\Documents\My Kindle Content
[2013/04/22 11:42:02 | 000,000,000 | ---D | C] -- C:\Users\Anika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2013/04/22 11:41:44 | 000,000,000 | ---D | C] -- C:\Users\Anika\AppData\Local\Amazon
[2013/04/19 06:59:41 | 000,000,000 | ---D | C] -- C:\Users\Anika\Documents\Eigene PaperPort-Dokumente
[2013/04/19 06:58:01 | 000,000,000 | ---D | C] -- C:\Users\Anika\AppData\Roaming\FLEXnet
[2013/04/19 06:57:42 | 000,000,000 | ---D | C] -- C:\Users\Anika\AppData\Roaming\ScanSoft
[2013/04/12 05:33:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/04/12 01:26:35 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/04/12 01:26:35 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/04/12 01:26:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/04/12 01:26:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/04/12 01:26:34 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/04/12 01:26:33 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2013/04/12 01:26:33 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/04/12 01:26:32 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/04/12 01:26:32 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/04/12 01:26:31 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/04/10 05:57:41 | 003,603,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/04/10 05:57:41 | 003,551,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/04/10 05:57:41 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013/04/10 05:57:35 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/04/10 05:57:31 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/12/26 16:21:07 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[2012/12/26 16:18:31 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2012/12/26 16:18:30 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2008/03/25 16:59:55 | 000,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013/05/07 09:38:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/07 09:38:03 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/07 08:30:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/07 08:30:08 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/05 03:05:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/05 01:05:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/05 01:00:16 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/05/05 01:00:16 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/05 01:00:16 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/05/05 01:00:16 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/05 00:54:42 | 000,297,504 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/04 15:31:10 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/05/04 15:22:02 | 000,000,855 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/05/04 14:26:49 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-ANIKA-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat
[2013/05/04 13:42:38 | 003,499,663 | ---- | M] () -- C:\Users\Anika\Desktop\tweaking.com_windows_repair_aio.zip
[2013/05/04 07:17:32 | 006,991,879 | ---- | M] () -- C:\Users\Public\Desktop\fsdiag.zip
[2013/05/04 05:55:16 | 000,000,680 | ---- | M] () -- C:\Users\Anika\AppData\Local\d3d9caps.dat
[2013/05/04 05:37:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2013/05/04 05:36:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/05/04 04:48:52 | 000,000,614 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013/05/02 14:57:24 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts_bak_571
[2013/05/01 20:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/04/30 05:39:02 | 000,545,926 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Anika\Desktop\JRT.exe
[2013/04/26 18:18:06 | 000,619,461 | ---- | M] () -- C:\Users\Anika\Desktop\adwcleaner.exe
[2013/04/26 18:13:19 | 000,000,120 | ---- | M] () -- C:\Users\Anika\Desktop\r45oi9ke.htm.part
[2013/04/26 05:31:17 | 000,015,162 | ---- | M] () -- C:\Users\Anika\Desktop\get-mirror-server.html
[2013/04/25 14:38:31 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Anika\Desktop\tdsskiller.exe
[2013/04/25 14:13:35 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Anika\Desktop\aswMBR.exe
[2013/04/25 07:17:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anika\Desktop\OTL.exe
[2013/04/22 11:42:05 | 000,002,022 | ---- | M] () -- C:\Users\Anika\Desktop\Kindle.lnk
[2013/04/19 07:01:43 | 000,014,973 | ---- | M] () -- C:\Users\Anika\Documents\Mutterschaftsgeldbescheinigung.pdf
[2013/04/15 07:21:44 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/04/15 07:21:44 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2013/05/05 14:14:46 | 3219,578,880 | -HS- | C] () -- C:\hiberfil.sys
[2013/05/04 14:26:49 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-ANIKA-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat
[2013/05/04 13:42:36 | 003,499,663 | ---- | C] () -- C:\Users\Anika\Desktop\tweaking.com_windows_repair_aio.zip
[2013/05/04 05:55:16 | 000,000,680 | ---- | C] () -- C:\Users\Anika\AppData\Local\d3d9caps.dat
[2013/04/26 18:18:03 | 000,619,461 | ---- | C] () -- C:\Users\Anika\Desktop\adwcleaner.exe
[2013/04/26 18:13:18 | 000,000,120 | ---- | C] () -- C:\Users\Anika\Desktop\r45oi9ke.htm.part
[2013/04/26 05:31:17 | 000,015,162 | ---- | C] () -- C:\Users\Anika\Desktop\get-mirror-server.html
[2013/04/26 03:39:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/04/26 03:39:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/04/26 03:39:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/04/26 03:39:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/04/26 03:39:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/24 05:28:52 | 006,991,879 | ---- | C] () -- C:\Users\Public\Desktop\fsdiag.zip
[2013/04/22 11:42:05 | 000,002,022 | ---- | C] () -- C:\Users\Anika\Desktop\Kindle.lnk
[2013/04/19 07:01:43 | 000,014,973 | ---- | C] () -- C:\Users\Anika\Documents\Mutterschaftsgeldbescheinigung.pdf
[2013/02/05 12:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/02/05 12:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013/02/05 12:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013/02/05 12:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013/02/05 12:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013/01/30 17:40:08 | 000,000,583 | ---- | C] () -- C:\Windows\wiso.ini
[2013/01/30 08:52:37 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/01/30 08:41:30 | 000,032,228 | ---- | C] () -- C:\Windows\maxlink.ini
[2013/01/02 14:50:58 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013/01/02 14:50:58 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2013/01/02 14:24:29 | 000,000,212 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2013/01/02 14:24:29 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2013/01/02 14:24:29 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf07a.dat
[2013/01/02 14:16:58 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012/12/28 08:02:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/12/28 08:02:22 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/12/27 06:33:40 | 000,019,403 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2012/12/27 00:51:49 | 000,000,030 | ---- | C] () -- C:\Windows\SetPanel.ini
[2012/12/27 00:51:20 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2012/12/26 18:25:52 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/12/26 16:21:07 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2012/12/26 15:57:17 | 000,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2012/12/26 15:57:17 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat
[2012/12/26 15:56:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/03/25 19:32:43 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008/03/25 17:00:11 | 000,000,140 | ---- | C] () -- C:\Windows\Alaunch.ini
[2008/03/25 16:59:55 | 001,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008/03/25 16:59:49 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/03/25 16:59:49 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/03/25 16:59:48 | 000,159,146 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/03/25 16:59:41 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/03/25 10:21:39 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008/03/25 10:20:59 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2008/01/21 03:15:58 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 03:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 03:15:58 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/01/21 03:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,297,504 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/12/26 10:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/03 17:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 10:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 16:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2013/01/30 08:41:30 | 000,000,000 | ---D | M] -- C:\Users\Anika\AppData\Roaming\.oit
[2008/03/25 09:54:34 | 000,000,000 | ---D | M] -- C:\Users\Anika\AppData\Roaming\Acer GameZone Console
[2013/01/31 10:10:04 | 000,000,000 | ---D | M] -- C:\Users\Anika\AppData\Roaming\Buhl Data Service
[2013/05/05 00:56:52 | 000,000,000 | ---D | M] -- C:\Users\Anika\AppData\Roaming\Dropbox
[2013/01/30 08:50:39 | 000,000,000 | ---D | M] -- C:\Users\Anika\AppData\Roaming\Nuance
[2012/12/27 06:45:19 | 000,000,000 | ---D | M] -- C:\Users\Anika\AppData\Roaming\Opera
[2013/03/13 20:15:41 | 000,000,000 | ---D | M] -- C:\Users\Anika\AppData\Roaming\PlayFirst
[2013/05/04 05:51:55 | 000,000,000 | ---D | M] -- C:\Users\Anika\AppData\Roaming\Samsung
[2013/04/19 06:57:42 | 000,000,000 | ---D | M] -- C:\Users\Anika\AppData\Roaming\ScanSoft
[2013/03/01 12:01:46 | 000,000,000 | ---D | M] -- C:\Users\Anika\AppData\Roaming\Verbindungsassistent
[2013/05/03 18:13:26 | 000,000,000 | ---D | M] -- C:\Users\Anika\AppData\Roaming\Zeon
[2008/03/25 09:54:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Acer GameZone Console
[2012/12/26 16:01:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2013/01/30 18:02:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Buhl Data Service GmbH
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2012/12/26 16:01:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2013/05/04 10:02:40 | 000,000,000 | ---D | M] -- C:\ProgramData\F-Secure
[2012/12/26 16:01:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2008/03/25 09:43:46 | 000,000,000 | ---D | M] -- C:\ProgramData\FloodLightGames
[2013/01/30 08:52:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Nuance
[2013/03/13 20:15:41 | 000,000,000 | ---D | M] -- C:\ProgramData\PlayFirst
[2013/05/04 05:38:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming
[2013/03/16 19:27:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Samsung
[2013/01/30 08:49:36 | 000,000,000 | ---D | M] -- C:\ProgramData\ScanSoft
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2012/12/26 16:01:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2013/05/05 00:55:25 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2013/01/30 16:41:32 | 000,000,000 | ---D | M] -- C:\ProgramData\tmp
[2012/12/26 16:01:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2013/01/07 04:39:57 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2013/01/30 08:52:24 | 000,000,000 | ---D | M] -- C:\ProgramData\zeon
[2008/03/25 10:31:26 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2013/05/07 08:30:16 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013/05/04 04:48:52 | 000,000,614 | ---- | M] () -- C:\Windows\Tasks\Scheduled scanning task.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:FED912DB
< End of report >
         

--- --- ---

Ich seh da nichts auffälliges.
Wenn dein Vista nicht mehr will, wirst du es mit einer Vista-Setup-DVD reparieren oder gar komplett neuinstallieren müssen. Vorher Daten sichern zB über eine Linux-Live-CD (zB Knoppix oder Parted Magic)

OK komisch....leider ist das so ein doofes Recoverysystem...also werde ich mal die Daten der letzten Tage kopieren und dann neu aufsetzen schade um die viele Mühe die du dir gemacht hast! Dennoch vielen Dank...ich habe vieles gelernt, auch wenn die log-Dateien für mich ein Rätsel darstellen...Spende kommt wie versprochen!

Wenn du jmd mit einer Vista-DVD kennst, kannst du dir diese auch ausleihen
Evtl. kommst du auch günstig an einen derartigen Datenträger über den Onlineshop der mit A anfängt ran...oder über die Bucht, die mit einem e anfängt

Also als kurze Rückmeldung: Habe eine solche CD gekauft und es damit versucht, sämtliche Reparaturoptionen, Startreparaturen und Systemwiederherstellungen funktionieren nicht...werde die Festplatte jetzt ausbauen und noch ein paar Daten auslesen und dann alles neu aufsetzen...
für alle Mühe und Betreuung!!!
PS Ich weiß, dass eure Arbeit fast nicht bezahlbar ist, die versprochene Spende kommt, sobald ich über einen "sauberen" Rechner verfüge...aktuell trau ich mich solche Dinge nicht...

Deswegen muss man doch die Festplatte nicht gleich ausbauen
Botte den Rechner von einer Live-CD wie Knoppix und sicher die Daten über dieses System auf eine externe Platte oder so

Hm ja nur leider komme ich so nicht an die Outlook Dateien, die ich noch nicht exportiert hatte...habe sie jetzt ausgebaut, aber leider wird sie vom Win 7 Rechner erkannt, aber mit "System-reserviert" angezeigt und ich kann überhaupt nicht auf den Inhalt zugreifen...hast du da auch nen Tipp für mich?!