Antispyware Soft Virus

Mashti · 04.06.2010, 10:57

Sorry für die späte Antwort.

Nein, Rechtsklicken kann ich ja nicht mehr, weil dann sofort eine Fehlermeldung bekomme und der Windows Explorer abstürzt.

Ich öffne den Zip Ordner, klicke auf die Datei die ich haben möchte (in diesem Fall die OSAM.exe) und ziehe die Datei auf meinen Desktop.

cosinus · 04.06.2010, 11:02

Die OSAM.exe allein reicht nicht. Du musst alles in einen Ordner entpacken.

Mashti · 04.06.2010, 12:03

Das habe ich ja auch versucht. Du hattest die Datei ja für mich umgepackt. Der Entpackvorgang bricht aber bei 33 % ab und alles wird entpackt außer die Osam.exe.

Mashti · 07.06.2010, 23:21

Keine Hilfe mehr?

cosinus · 08.06.2010, 08:16

Deaktivier vor dem Entpacken mal bitte McAfee, ich glaube so langsam der ist schuld daran. Lass den deaktiviert und führ osam aus.

Mashti · 08.06.2010, 14:37

Echt komisch. Nachdem ich McAfee ausgeschaltet habe, hats tatsächlich funktioniert. Aber wenn ich andere Sachen entpacken möchte, muss ich McAfee nicht ausschalten.

Naja, hier das log:

OSAM Logfile:

Code:

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 15:31:59 on 08.06.2010

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"McDefragTask.job" - "McAfee, Inc." - c:\PROGRA~1\mcafee\mqc\QcConsol.exe
"Erweiterte Garantie.job" - "Packard Bell BV" - C:\APPS\SMP\PBCARNOT.EXE
"GoogleUpdateTaskUserS-1-5-21-3469752352-2384856531-3581575452-1005Core.job" - "Google Inc." - C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-3469752352-2384856531-3581575452-1005UA.job" - "Google Inc." - C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
"McQcTask.job" - "McAfee, Inc." - c:\PROGRA~1\mcafee\mqc\QcConsol.exe
"Scheduled Update for Ask Toolbar.job" - ? - C:\Programme\Ask.com\UpdateTask.exe  (File found, but it contains no detailed information)
"1-Klick-Wartung.job" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2009\OneClickStarter.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"bdeadmin.cpl" - "Borland Software Corporation" - C:\WINDOWS\system32\bdeadmin.cpl
"cmdvdpak.cpl" - "Sonic Solutions" - C:\WINDOWS\system32\cmdvdpak.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"ISUSPM.cpl" - "Macrovision Corporation" - C:\WINDOWS\system32\ISUSPM.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.cpl
"nvtuicpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvtuicpl.cpl
"PhysX.cpl" - ? - C:\WINDOWS\system32\PhysX.cpl
"scurecpl.cpl" - "Softex, Inc" - C:\WINDOWS\system32\scurecpl.cpl
"SETUPPC.CPL" - "NEC Computers International" - C:\WINDOWS\system32\SETUPPC.CPL
"trueprint.cpl" - "AuthenTec, Inc." - C:\WINDOWS\system32\trueprint.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"ECSEPM" - "Sony Ericsson Mobile Communications AB" - C:\Programme\Sony Ericsson\Mobile4\Mobile Phone Monitor\ecsepm.cpl
"Nero BurnRights" - ? - C:\Programme\Nero\Nero 9\Nero BurnRights\NeroBurnRights_cpl.cpl  (File not found)
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
"TSSMPM" - "Teleca Sweden AB" - C:\Programme\HTC\HTC Sync\Mobile Phone Monitor\tssmpm.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AEGIS Protocol (IEEE 802.1x) v3.7.5.0" (AegisP) - "Cisco Systems, Inc." - C:\WINDOWS\System32\DRIVERS\AegisP.sys
"ANIO Service" (ANIO) - "Alpha Networks Inc." - C:\WINDOWS\system32\ANIO.SYS
"Aspi32" (Aspi32) - "Adaptec" - C:\WINDOWS\System32\drivers\aspi32.sys
"AVM FRITZ!web DSL PPP" (NETFWDSL) - ? - C:\WINDOWS\System32\DRIVERS\NETFWDSL.SYS  (File not found)
"BWNDIS5 NDIS Protocol Driver" (BWNDIS5) - ? - C:\WINDOWS\system32\BWNDIS5.SYS  (File not found)
"DLABMFSM" (DLABMFSM) - "Roxio" - C:\WINDOWS\System32\DLA\DLABMFSM.SYS
"DLABOIOM" (DLABOIOM) - "Roxio" - C:\WINDOWS\System32\DLA\DLABOIOM.SYS
"DLACDBHM" (DLACDBHM) - "Roxio" - C:\WINDOWS\System32\Drivers\DLACDBHM.SYS
"DLADResM" (DLADResM) - "Roxio" - C:\WINDOWS\System32\DLA\DLADResM.SYS
"DLAIFS_M" (DLAIFS_M) - "Roxio" - C:\WINDOWS\System32\DLA\DLAIFS_M.SYS
"DLAOPIOM" (DLAOPIOM) - "Roxio" - C:\WINDOWS\System32\DLA\DLAOPIOM.SYS
"DLAPoolM" (DLAPoolM) - "Roxio" - C:\WINDOWS\System32\DLA\DLAPoolM.SYS
"DLARTL_M" (DLARTL_M) - "Roxio" - C:\WINDOWS\System32\Drivers\DLARTL_M.SYS
"DLAUDFAM" (DLAUDFAM) - "Roxio" - C:\WINDOWS\System32\DLA\DLAUDFAM.SYS
"DLAUDF_M" (DLAUDF_M) - "Roxio" - C:\WINDOWS\System32\DLA\DLAUDF_M.SYS
"drvmcdb" (drvmcdb) - "Sonic Solutions" - C:\WINDOWS\System32\drivers\drvmcdb.sys
"DRVNDDM" (DRVNDDM) - "Roxio" - C:\WINDOWS\System32\Drivers\DRVNDDM.SYS
"DSL-Manager Service" (TSMPacket) - "T-Systems" - C:\WINDOWS\System32\DRIVERS\tsmpkt.sys
"dsltestSp5 NDIS Protocol Driver" (dsltestSp5) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\WINDOWS\System32\Drivers\dsltestSp5.sys
"DTV_Loader_2X0 Loader" (DTV_Loader_2X0) - "WideView Technology Inc." - C:\WINDOWS\System32\Drivers\DTV_Loader_2X0.sys
"DVB2GO mini DVB-T USB Receiver Driver" (DTV_Capture_2X0) - "Computer & Entertainment, Inc." - C:\WINDOWS\System32\Drivers\DTV_Capture_2X0.sys
"ElbyCDIO Driver" (ElbyCDIO) - "Elaborate Bytes AG" - C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
"ElbyDelay" (ElbyDelay) - "Elaborate Bytes AG" - C:\WINDOWS\System32\Drivers\ElbyDelay.sys
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys
"iPodDrv" (iPodDrv) - "Windows (R) Codename Longhorn DDK provider" - C:\WINDOWS\system32\drivers\iPodDrv.sys
"McAfee Inc. mferkdk" (mferkdk) - "McAfee, Inc." - C:\WINDOWS\System32\drivers\mferkdk.sys
"MHN-Treiber" (MHNDRV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mhndrv.sys
"NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver" (RTL8187B) - ? - C:\WINDOWS\System32\DRIVERS\wg111v3.sys  (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDNMp50 NDIS Protocol Driver" (PDNMp50) - ? - C:\WINDOWS\system32\drivers\PDNMp50.sys  (File not found)
"PDNSp50 NDIS Protocol Driver" (PDNSp50) - ? - C:\WINDOWS\system32\drivers\PDNSp50.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"SSHDRV62" (SSHDRV62) - ? - C:\WINDOWS\system32\drivers\SSHDRV62.sys  (File found, but it contains no detailed information)
"StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys  (File found, but it contains no detailed information)
"viamraid" (viamraid) - "VIA Technologies inc,.ltd" - C:\WINDOWS\System32\DRIVERS\viamraid.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{4B1BEB48-7F24-0252-334F-D6DE757DFE03} "StubPath" - ? - C:\WINDOWS\system32\system32.exe  (File not found)
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Programme\Haali\MatroskaSplitter\mmfinfo.dll  (File found, but it contains no detailed information)
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{B1759355-3EEC-4C1E-B0F1-B719FE26E377} "Google Dictionary Compression filter" - "Google Inc." - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
{807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{9462A756-7B47-47BC-8C80-C34B9B80B32B} "BackWeb GA Pluggable Protocol" - "Logitech Inc." - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{5513F07E-936B-4E52-9B00-067394E91CC5} "McAfee SACore Protocol Handler" - "McAfee, Inc." - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
{5513F07E-936B-4E52-9B00-067394E91CC5} "McAfee SACore Protocol Handler" - "McAfee, Inc." - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Programme\7-Zip\7-zip.dll
{51A64D28-F937-4045-A420-065CEFBD8A76} "ARARCtxMenu Class" - "DataNumen, Inc." - C:\Programme\ARAR\ARARSHL.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
{ABC70703-32AF-11d4-90C4-D483A70F4825} "CMenuExtender" - ? -   (File not found | COM-object registry key not found)
{94586423-855F-4EB2-9F6A-D9DA5658DBE3} "Context menu" - ? - C:\PROGRA~1\FREEM4~1\m4a_menu.dll  (File found, but it contains no detailed information)
 "CorelDRAW ESSENTIALS Shell Extension Component" - ? -   (File not found | COM-object registry key not found)
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{738D66C6-0149-4D40-84E4-A7BB2D0CE949} "Datei-Manager" - "Popwire AB" - C:\Programme\Sony Ericsson\Mobile4\File Manager\FM.dll
{BBD2BACA-BEED-4307-86F7-563562FCFC13} "Datei-Manager" - "Popwire AB" - C:\Programme\Sony Ericsson\Mobile4\File Manager\FM.dll
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{F49C55B9-D417-45A1-A6E7-D6E057946280} "FdmUplShlExt" - ? -   (File not found | COM-object registry key not found)
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\Programme\Haali\MatroskaSplitter\mmfinfo.dll  (File found, but it contains no detailed information)
{5574006C-28F5-4a65-A28C-74DE6BFBE0BB} "Haali Matroska Shell Property Page" - ? - C:\Programme\Haali\MatroskaSplitter\mmfinfo.dll  (File found, but it contains no detailed information)
{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Extractor" - ? - C:\Programme\Haali\MatroskaSplitter\mmfinfo.dll  (File found, but it contains no detailed information)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} "KbLogiExt Class" - "Logitech, Inc." - C:\Programme\Logitech\SetPoint\kbcplext.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{B9B9F083-2B04-452A-8691-83694AC1037B} "LogiExt Class" - "Logitech, Inc." - C:\Programme\Logitech\SetPoint\mcplext.dll
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "MCLiteShellExt Class" - ? - C:\Programme\ICQLite\ICQLiteShell.dll
{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} "Microsoft Browser Architecture" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\OFFICE11\msohev.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEd Live Icons" - ? -   (File not found | COM-object registry key not found)
{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{1CA6BBC9-E9FA-4021-822B-075DF1837B63} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{4FBFFA8D-F390-471a-AE46-FEB93623AD63} "NeroDigitalInfoHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{846083A4-BFC6-4447-985C-6578B466A7D7} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{EDCC595A-F0EE-4d81-B554-D5D01C7AFB87} "NeroDigitalThumbnailHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{CCFE56EE-C7DE-44EE-A160-4553A5A912C9} "OmniPass Shell Extension" - ? -   (File not found | COM-object registry key not found)
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll
{5E44E225-A408-11CF-B581-008029601108} "Roxio DragToDisc Shell Extension" - "Roxio" - C:\Programme\Roxio\Drag-to-Disc\Shellex.dll
{0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} "RXDCExtShlExt extension" - ? -   (File not found | COM-object registry key not found)
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{F2185E5D-720E-4956-90D9-75F6AC141575} "SidebarIconHandler Class" - "Idea2" - C:\Programme\Desktop Sidebar\sbhelp.dll
{D0CE97A0-415B-42E9-B251-34393AF2D5F6} "Softex OmniPass Encrypted File" - "Softex Inc." - C:\Apps\Softex\OmniPass\opfolderext.dll
{D5B1944E-DB4E-482E-B3F1-DB05827F0978} "Softex OmniPass Encrypted Folder" - "Softex Inc." - C:\Apps\Softex\OmniPass\opfolderext.dll
{4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Programme\TuneUp Utilities 2009\DseShExt-x86.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Programme\TuneUp Utilities 2009\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\WINDOWS\System32\uxtuneup.dll
{DBD8E168-244D-448C-9922-25508950D1DC} "Ulead UDF Driver" - ? -   (File not found | COM-object registry key not found)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)
{A965C8E0-54A7-11D6-BF08-00079500BB23} "ZipZag Shell Extension" - ? - C:\Programme\ZipZag\zipzagcm.dll  (File found, but it contains no detailed information)
{ABE00001-0123-ABED-1248-0248ADFA1909} "Zoom Player ShellExt" - ? -   (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"Klicke hier um das Projekt xp-AntiSpy zu unterstützen" - ? - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Programme\Windows Live\Toolbar\wltcore.dll
<binary data> "Ask Toolbar" - "Ask.com" - C:\Programme\Ask.com\GenericAskToolbar.dll
<binary data> "DAEMON Tools Toolbar" - ? - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
<binary data> "EPSON Web-To-Page" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{4064EA35-578D-4073-A834-C96D82CBCF40}" - ? -   (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} "McAfee SiteAdvisor Toolbar" - "McAfee, Inc." - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
{00000000-6E41-4FD3-8538-502F5495E5FC} "UrlSearchHook Class" - "Ask.com" - C:\Programme\Ask.com\GenericAskToolbar.dll
{EF99BD32-C1FB-11D2-892F-0090271D4F88} "Yahoo! Toolbar" - "Yahoo! Inc." - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{00B71CFB-6864-4346-A978-C0A14556272C} "Checkers Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\msgrchkr.dll / hxxp://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
{20A60F0D-9AFA-4515-A0FD-83BD84642501} "Checkers Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\msgrchkr.dll / hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
{D821DC4A-0814-435E-9820-661C543A4679} "CRLDownloadWrapper Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\crlocx.ocx / hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
{4871A87A-BFDD-4106-8153-FFDE2BAC2967} "DLM Control" - "Akamai Technologies, Inc." - C:\WINDOWS\DOWNLO~1\DOWNLO~1.OCX / hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{A903E5AB-C67E-40FB-94F1-E1305982F6E0} "KooPlayer Control" - "Koos" - C:\WINDOWS\DOWNLO~1\UKOOPL~1.OCX / hxxp://www.euchannels.net/UKooPlayer.ocx
{14B87622-7E19-4EA8-93B3-97215F77A6BC} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
{FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} "pCastPanel Class" - ? - C:\WINDOWS\Downloaded Program Files\pCastCtl.dll / hxxp://iptv.zgzcw.com/pCastCtl_1.0.0.89_20080808.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{F6BF0D00-0B2A-4A75-BF7B-F385591623AF} "Solitaire Showdown Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\solitaireshowdown.dll / hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
{1E54D648-B804-468d-BC78-4AFFED8E262E} "System Requirements Lab Class" - "Husdawg, LLC" - C:\WINDOWS\Downloaded Program Files\sysreqlab_srl.dll / hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
{5D6F45B3-9043-443D-A792-115447494D24} "UnoCtrl Class" - "Microsoft" - C:\WINDOWS\Downloaded Program Files\GAME_UNO1.dll / hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab
{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} "{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE}" - ? -   (File not found | COM-object registry key not found) / hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"ICQ Lite" - "ICQ Ltd." - C:\Programme\ICQLite\ICQLite.exe
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
"PokerStars" - "PokerStars" - C:\Programme\PokerStars\PokerStarsUpdate.exe
"PokerStars.net" - "PokerStars" - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
{45AD732C-2CE2-4666-B366-B2214AD57A49} "Subscribe in Desktop Sidebar" - "Idea2" - C:\Programme\Desktop Sidebar\sbhelp.dll
"Titan Poker" - ? - C:\Poker\Titan Poker\casino.exe
{FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} "Upload" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Programme\Windows Live\Toolbar\wltcore.dll
<binary data> "Ask Toolbar" - "Ask.com" - C:\Programme\Ask.com\GenericAskToolbar.dll
<binary data> "DAEMON Tools Toolbar" - ? - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
<binary data> "EPSON Web-To-Page" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} "McAfee SiteAdvisor Toolbar" - "McAfee, Inc." - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} "QuickStores-Toolbar" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
<binary data> "Yahoo! Toolbar" - "Yahoo! Inc." - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{02478D38-C3F9-4efb-9B51-7695ECA05670} "&Yahoo! Toolbar Helper" - "Yahoo! Inc." - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
{D4027C7F-154A-4066-A1AD-4243D8127440} "Ask Toolbar" - "Ask.com" - C:\Programme\Ask.com\GenericAskToolbar.dll
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} "EpsonToolBandKicker Class" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
{65134FDF-F8A5-4B3D-91D9-CDF273CFD578} "PodcastBHO Class" - "doubleTwist Corporation" - C:\Programme\Gemeinsame Dateien\doubleTwist\IEPodcastPlugin.dll
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} "QuickStores-Toolbar" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"Bo-Shot.lnk" - "BoSoft" - C:\Programme\Bo-Shot\Bo-Shot.exe  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"Hama Wireless LAN Utility.lnk" - "Hama GmbH & Co KG" - C:\Programme\Hama\Common\RaUI.exe  (Shortcut exists | File exists)
"Logitech SetPoint.lnk" - "Logitech, Inc." - C:\Programme\Logitech\SetPoint\SetPoint.exe  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Kamyar\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"doubleTwist" - "doubleTwist Corporation" - C:\Programme\doubleTwist 2.0\DoubleTwist.DeviceHelper.exe
"Google Update" - "Google Inc." - "C:\Dokumente und Einstellungen\Kamyar\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c
"swg" - "Google Inc." - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ANIWZCS2Service" - "Alpha Networks Inc." - C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
"AppleSyncNotifier" - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe
"D-Link AirPlus G" - "D-Link" - C:\Programme\D-Link\AirPlus G\AirGCFG.exe
"iTunesHelper" - "Apple Inc." - "C:\Programme\iTunes\iTunesHelper.exe"
"mcagent_exe" - "McAfee, Inc." - "C:\Programme\McAfee.com\Agent\mcagent.exe" /runkey
"mHotkey" - ? - mHotkey.exe
"Mobile Connectivity Suite" - "Teleca Sweden AB" - "C:\Programme\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"OmniPass" - ? - C:\Apps\Softex\OmniPass\scureapp.exe
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime
"TkBellExe" - "RealNetworks, Inc." - "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe"  -osboot

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"ANIWZCSd Service" (ANIWZCSdService) - "Alpha Networks Inc." - C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
"AOL Connectivity Service" (AOL ACS) - "America Online, Inc." - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe
"DSL-Manager" (TDslMgrService) - "T-Systems Enterprise Services GmbH" - C:\Programme\T-Online\DSL-Manager\DslMgrSvc.exe
"Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Logitech Bluetooth Service" (LBTServ) - "Logitech, Inc." - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe
"McAfee Network Agent" (McNASvc) - "McAfee, Inc." - c:\PROGRA~1\GEMEIN~1\mcafee\mna\mcnasvc.exe
"McAfee Personal Firewall Service" (MpfService) - "McAfee, Inc." - C:\Programme\McAfee\MPF\MPFSrv.exe
"McAfee Proxy Service" (McProxy) - "McAfee, Inc." - c:\PROGRA~1\GEMEIN~1\mcafee\mcproxy\mcproxy.exe
"McAfee Real-time Scanner" (McShield) - "McAfee, Inc." - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
"McAfee Scanner" (McODS) - "McAfee, Inc." - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
"McAfee Services" (mcmscsvc) - "McAfee, Inc." - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
"McAfee SiteAdvisor Service" (McAfee SiteAdvisor Service) - "McAfee, Inc." - C:\Programme\McAfee\SiteAdvisor\McSACore.exe
"MHN" (MHN) - "Microsoft Corporation" - C:\WINDOWS\System32\mhn.dll
"Nero BackItUp Scheduler 4.0" (Nero BackItUp Scheduler 4.0) - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
"NMSAccessU" (NMSAccessU) - ? - C:\Programme\CDBurnerXP\NMSAccessU.exe  (File found, but it contains no detailed information)
"NVIDIA Display Driver Service" (NVSvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"Ralink Registry Writer" (RalinkRegistryWriter) - "Ralink Technology, Corp." - C:\Programme\Hama\Common\RalinkRegistryWriter.exe
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"Softex OmniPass Service" (omniserv) - "Softex Inc." - C:\Apps\Softex\OmniPass\Omniserv.exe
"stllssvr" (stllssvr) - "MicroVision Development, Inc." - C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe
"TuneUp Designerweiterung" (UxTuneUp) - "TuneUp Software" - C:\WINDOWS\System32\uxtuneup.dll
"TuneUp Drive Defrag-Dienst" (TuneUp.Defrag) - "TuneUp Software" - C:\WINDOWS\System32\TuneUpDefragService.exe
"TuneUp Program Statistics Service" (TuneUp.ProgramStatisticsSvc) - "TuneUp Software" - C:\WINDOWS\System32\TUProgSt.exe
"TVersityMediaServer" (TVersityMediaServer) - ? - C:\Programme\TVersity\Media Server\MediaServer.exe  (File found, but it contains no detailed information)
"Viewpoint Manager Service" (Viewpoint Manager Service) - "Viewpoint Corporation" - C:\Programme\Viewpoint\Common\ViewpointService.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Programme\Windows Live\Family Safety\fsssvc.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"LBTWlgn" - "Logitech, Inc." - c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll
"OPXPGina" - ? - C:\Apps\Softex\OmniPass\opxpgina.dll  (File found, but it contains no detailed information)
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

cosinus · 08.06.2010, 14:43

Das ist ein Fehlalarm von McAfee! Ist doch logisch, wenn Mc Affe (

) da meint was Schädliches zu sehen, wird der Zugriff auf das Entpackte verweigert!

Zitat:

{4B1BEB48-7F24-0252-334F-D6DE757DFE03} "StubPath" - ? - C:\WINDOWS\system32\system32.exe (File not found)

Bitte mit OSAM deaktivieren + löschen (delete from storage)
Vorher McAfee deaktivieren!!

Mashti · 09.06.2010, 11:02

Dann sollte aber Mc AFFE

doch wenigstens mir eine Info geben.

Meinst du mit deaktivieren einfach das Häkchen rausnehmen? Delte from Storage finde ich nirgends (auch nicht mit der rechten Maustaste).

Mashti · 10.06.2010, 09:35

Kannst du mir noch einen Tip geben?

cosinus · 10.06.2010, 10:00

Lies bitte die Anleitung zu osam, es macht keinen Sinn alles doppelt und dreifach zu schreiben.

Mashti · 10.06.2010, 15:04

Yo, sorry. Habs jetzt gemacht. Ich habe aber nachdem ich den PC neugestartet habe und Osam geöffnet habe kein logfile bekommen. Da stand nur irgendwas von empty usw.
Delete from stroge kann ich auch nicht mehr machen, weil die Datei gar nicht mehr auftaucht, nachdem ich sie deaktiviert habe.

cosinus · 10.06.2010, 15:09

Ahja...
Dann probier jetzt bitte nochmal CF. McAfee da natprlich auch vorher deaktivieren und die cofi.exe bitte neu herunterladen, falls Du die alte cofi noch hast => löschen!

Mashti · 10.06.2010, 18:47

Ok, McAfee ausgeschaltet, cf runtergeladen, den pc mit CCleaner durchlaufen lassen und cofi.exe gestartet.
Wieder wie beim ersten Versuch. Der PC macht 2 mal "beep, beep", ein blaues Fenster erscheint mit einem Text (das Programm wird gestartet oder so) dann schließt sich das blaue Fenster und nix passiert mehr.

Jetzt hab ich noch ein weiteres Problem. Wenn McAfee eingeschaltet ist bekomm ich keine Internetverbindung mehr. Ich muss McAfee erstmal komplett ausschalten, damit ich ins Internet komme.

Mashti · 10.06.2010, 22:06

Internet hab ich irgendwie wieder zum laufen bekommen auch wenn McAfee eingeschaltet ist.

Mashti · 11.06.2010, 10:58

Hey Cosinus, bist bestimmt sehr beschäftigt. Wenn du Zeit hast, dann gib mir doch bitte noch einen Tip, wie ich weiter machen soll.

04.06.2010, 11:02	#32
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Antispyware Soft Virus Die OSAM.exe allein reicht nicht. Du musst alles in einen Ordner entpacken. __________________ __________________

08.06.2010, 08:16	#35
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Antispyware Soft Virus Deaktivier vor dem Entpacken mal bitte McAfee, ich glaube so langsam der ist schuld daran. Lass den deaktiviert und führ osam aus. __________________ Logfiles bitte immer in CODE-Tags posten

10.06.2010, 10:00	#40
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Antispyware Soft Virus Lies bitte die Anleitung zu osam, es macht keinen Sinn alles doppelt und dreifach zu schreiben. __________________ Logfiles bitte immer in CODE-Tags posten

10.06.2010, 15:09	#42
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Antispyware Soft Virus Ahja... Dann probier jetzt bitte nochmal CF. McAfee da natprlich auch vorher deaktivieren und die cofi.exe bitte neu herunterladen, falls Du die alte cofi noch hast => löschen! __________________ Logfiles bitte immer in CODE-Tags posten

Antispyware Soft Virus

Log-Analyse und Auswertung: Antispyware Soft Virus