| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery aufWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
02.05.2011, 20:15
| #1 |
 |  Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf Und da ist es auch schon: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:13:26 on 02.05.2011 OS: Windows XP Home Edition Service Pack 3 (Build 2600) Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Boot Execute] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )----- "BootExecute" - "Microsoft Corporation" - C:\WINDOWS\system32\autochk.exe [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe -----( HKLM\SOFTWARE\Microsoft\Windows Scripting Host\Locations )----- "CScript" - "Microsoft Corporation" - C:\WINDOWS\System32\cscript.exe "WScript" - "Microsoft Corporation" - C:\WINDOWS\System32\wscript.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "access.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\access.cpl "ALSNDMGR.CPL" - ? - C:\WINDOWS\system32\ALSNDMGR.CPL (File found, but it contains no detailed information) "appwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl "bthprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\bthprops.cpl "ddbaccpl.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbaccpl.cpl "ddbacctm.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbacctm.cpl "desk.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\desk.cpl "firewall.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\firewall.cpl "hdwwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\hdwwiz.cpl "inetcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcpl.cpl "infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl "intl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\intl.cpl "irprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\irprops.cpl "javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl "joy.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\joy.cpl "main.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\main.cpl "mmsys.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\mmsys.cpl "ncpa.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\ncpa.cpl "netsetup.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\netsetup.cpl "nusrmgr.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\nusrmgr.cpl "odbccp32.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\odbccp32.cpl "powercfg.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\powercfg.cpl "sysdm.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl "telephon.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\telephon.cpl "timedate.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\timedate.cpl "wscui.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wscui.cpl "wuaucpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl "Internet Connection Firewall" - "Microsoft Corporation" - C:\WINDOWS\system32\Firewall.cpl "NetSetupWizard" - "Microsoft Corporation" - C:\WINDOWS\system32\NetSetup.cpl "QuickTime" - "Apple Computer, Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl "Speech" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Speech\sapi.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "AFD" (AFD) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\afd.sys "Asynchroner RAS -Medientreiber" (AsyncMac) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\asyncmac.sys "Audiostubtreiber" (audstub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\audstub.sys "avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys "Beep" (Beep) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Beep.sys "Bereitstellungspunkt-Manager" (MountMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\MountMgr.sys "catchme" (catchme) - ? - C:\DOKUME~1\Erhard\LOKALE~1\Temp\catchme.sys (File not found) "CD-ROM-Laufwerktreiber" (Cdrom) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\cdrom.sys "Cdaudio" (Cdaudio) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdaudio.sys "Cdfs" (Cdfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdfs.sys "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "Coach Digital Camera on USB" (CoachUsb) - "Accapella" - C:\WINDOWS\System32\DRIVERS\CoachUsb.sys "Concord Video Camera" (CoachVc) - "Accapella" - C:\WINDOWS\System32\DRIVERS\CoachVc.sys "Diskettencontrollertreiber" (Fdc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\fdc.sys "Fastfat" (Fastfat) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fastfat.sys "Filtertreiber für CD-Brennen" (Imapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\imapi.sys "Filtertreiber für digitale CD-Audiowiedergabe" (redbook) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\redbook.sys "Filtertreiber für IP-Verkehr" (IpFilterDriver) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys "Filtertreiber für IPX-Verkehr" (NwlnkFlt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys "Filtertreiber für Systemwiederherstellung" (sr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\sr.sys "Fips" (Fips) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fips.sys "Flpydisk" (Flpydisk) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Flpydisk.sys "FltMgr" (FltMgr) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\fltmgr.sys "FsUsbExDisk" (FsUsbExDisk) - ? - C:\WINDOWS\system32\FsUsbExDisk.SYS (File found, but it contains no detailed information) "Fs_Rec" (Fs_Rec) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fs_Rec.sys "High-Capacity-Diskettenlaufwerk" (Sfloppy) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\sfloppy.sys "HTTP" (HTTP) - "Microsoft Corporation" - C:\WINDOWS\System32\Drivers\HTTP.sys "i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found) "i8042-Tastatur- und PS/2-Mausanschluss-Treiber" (i8042prt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\i8042prt.sys "IP/IP-Tunneltreiber" (IpInIp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipinip.sys "IPSEC-Treiber" (IPSec) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipsec.sys "IPv6-Windows-Firewalltreiber" (Ip6Fw) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\ip6fw.sys "IR-Enumeratordienst" (IRENUM) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\irenum.sys "KSecDD" (KSecDD) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\KSecDD.sys "Laufwerktreiber" (Disk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\disk.sys "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "MACNDIS5 NDIS Protocol Driver" (MACNDIS5) - "Marmiko IT-Solutions GmbH" - C:\PROGRA~1\GEMEIN~1\MARMIK~1\MACNDIS5.SYS "Maus-HID-Treiber" (mouhid) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mouhid.sys "Mausklassentreiber" (Mouclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mouclass.sys "Microcode Updatetreiber" (Update) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\update.sys "Microsoft ACPI-Treiber" (ACPI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ACPI.sys "Microsoft Allgemeiner AGPv3.0-Filter für K8-Prozessorplattformen" (gagp30kx) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\gagp30kx.sys "Microsoft HID Class-Treiber" (hidusb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\hidusb.sys "Microsoft Kernel GS Wavetablesynthesizer" (swmidi) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\swmidi.sys "Microsoft Kernel-Audiosplitter" (splitter) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\splitter.sys "Microsoft Kernel-DLS-Synthesizer" (DMusic) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\DMusic.sys "Microsoft Kernel-DRM-Audioentschlüsselung" (drmkaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\drmkaud.sys "Microsoft Kernel-Echounterdrückung" (aec) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\aec.sys "Microsoft Kernel-Systemaudiogerät" (sysaudio) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\sysaudio.sys "Microsoft Kernel-Waveaudiomixer" (kmixer) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\kmixer.sys "Microsoft Proxy für Streaming Clock" (MSPCLOCK) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPCLOCK.sys "Microsoft Proxy für Streaming Quality Manager" (MSPQM) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPQM.sys "Microsoft Standard-USB-Haupttreiber" (usbccgp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbccgp.sys "Microsoft Streaming Service Proxy" (MSKSSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSKSSRV.sys "Microsoft USB-Druckerklasse" (usbprint) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbprint.sys "Microsoft-Systemverwaltungs-BIOS-Treiber" (mssmbios) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mssmbios.sys "MIINPazX NDIS Protocol Driver" (MIINPazX) - "Deutsche Telekom AG, Marmiko IT-Solutions GmbH" - C:\PROGRA~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS "Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller" (usbehci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbehci.sys "Miniporttreiber für universellen Microsoft USB-Hostcontroller" (usbuhci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbuhci.sys "mnmdd" (mnmdd) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\mnmdd.sys "Modem" (Modem) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Modem.sys "MRXSMB" (MRxSmb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys "Msfs" (Msfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Msfs.sys "MTOnlPktAlyX NDIS Protocol Driver" (MTOnlPktAlyX) - "Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH" - C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS "Mup" (Mup) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Mup.sys "NDIS-Benutzermodus-E/A-Protokoll" (Ndisuio) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndisuio.sys "NDIS-Systemtreiber" (NDIS) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\NDIS.sys "NDProxy" (NDProxy) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\NDProxy.sys "NetBios über TCP/IP" (NetBT) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbt.sys "NetBIOS-Schnittstelle" (NetBIOS) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbios.sys "NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver" (RTLWUSB) - "NETGEAR Inc." - C:\WINDOWS\System32\DRIVERS\wg111v2.sys "Netzwerkmonitortreiber" (nm) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\NMnt.sys "Npfs" (Npfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Npfs.sys "NT-Treiber für Realtek RTL8139(A/B/C)-basierten PCI-Fast Ethernet-Adapter" (rtl8139) - "Realtek Semiconductor Corporation" - C:\WINDOWS\System32\DRIVERS\RTL8139.SYS "Ntfs" (Ntfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Ntfs.sys "Null" (Null) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Null.sys "Parallelanschluss (direkt)" (Raspti) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspti.sys "Partitions-Manager" (PartMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\PartMgr.sys "PCCS Mode Change Filter Driver" (pccsmcfd) - "Nokia" - C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys "PCI-Bus-Treiber" (PCI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pci.sys "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PCIIde" (PCIIde) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pciide.sys "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "PnP-ISA/EISA-Bus-Treiber" (isapnp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\isapnp.sys "Protokoll für ATM ARP-Client" (Atmarpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atmarpc.sys "Prozessortreiber" (Processor) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\processr.sys "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys "QoS-Paketplaner" (PSched) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\psched.sys "RAS-IP-ARP-Treiber" (Wanarp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wanarp.sys "RAS-NDIS-TAPI-Treiber" (NdisTapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndistapi.sys "RAS-NDIS-WAN-Treiber" (NdisWan) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndiswan.sys "Rdbss" (Rdbss) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rdbss.sys "RDPCDD" (RDPCDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys "RDPWD" (RDPWD) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\RDPWD.sys "Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver" (RTL8023) - "Realtek Semiconductor Corporation " - C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys "Redirector für WebDav-Client" (MRxDAV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxdav.sys "Remotezugriff-PPPOE-Treiber" (RasPppoe) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspppoe.sys "S3chipid" (S3chipid) - ? - C:\DOKUME~1\Besitzer\LOKALE~1\Temp\{2B43252C-A1E3-4C47-927C-9F2C276D3515}\S3chipid.sys (File not found) "SAMSUNG USB Mobile Device (WDM)" (ss_bbus) - "MCCI" - C:\WINDOWS\System32\DRIVERS\ss_bbus.sys "SAMSUNG USB Mobile Modem" (ss_bmdm) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys "SAMSUNG USB Mobile Modem (Filter)" (ss_bmdfl) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys "SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS "SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS "Secdrv" (Secdrv) - "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." - C:\WINDOWS\System32\DRIVERS\secdrv.sys "Serenum-Filtertreiber" (serenum) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\serenum.sys "Service for Realtek AC97 Audio (WDM)" (ALCXWDM) - "Realtek Semiconductor Corp." - C:\WINDOWS\System32\drivers\ALCXWDM.SYS "Software-Bus-Treiber" (swenum) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\swenum.sys "Srv" (Srv) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\srv.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys "Standard-IDE/ESDI-Festplattencontroller" (atapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atapi.sys "Standardpaketklassifizierung" (Gpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\msgpc.sys "Tastatur-HID-Treiber" (kbdhid) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\kbdhid.sys "Tastaturklassentreiber" (Kbdclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\kbdclass.sys "TCP/IP-Protokolltreiber" (Tcpip) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\tcpip.sys "TDPIPE" (TDPIPE) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDPIPE.sys "TDTCP" (TDTCP) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDTCP.sys "Terminal-Gerätetreiber" (TermDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\termdd.sys "Treiber für automatische RAS-Verbindung" (RasAcd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasacd.sys "Treiber für direkte Parallelverbindung" (Ptilink) - "Parallel Technologies, Inc." - C:\WINDOWS\System32\DRIVERS\ptilink.sys "Treiber für IPX-Verkehrsweiterleitung" (NwlnkFwd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys "Treiber für Microsoft WINMM-WDM-Audiokompatibilität" (wdmaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\wdmaud.sys "Treiber für parallelen Anschluss" (Parport) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\parport.sys "Treiber für seriellen Anschluss" (Serial) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\serial.sys "Treiber für Volume-Manager" (Ftdisk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ftdisk.sys "usb-audio.de driver for BEHRINGER USB AUDIO" (BEHRINGER_2902) - "BEHRINGER" - C:\WINDOWS\System32\Drivers\BUSB2902.sys "USB-Audiotreiber (WDM)" (usbaudio) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\usbaudio.sys "USB-Massenspeichertreiber" (usbstor) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS "USB-Scannertreiber" (usbscan) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbscan.sys "USB2-aktivierter Hub" (usbhub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbhub.sys "VGA-Anzeigecontroller." (VgaSave) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\vga.sys "viagfx" (viagfx) - "Copyright (C) VIA/S3 Graphics Co, Ltd." - C:\WINDOWS\System32\DRIVERS\vtmini.sys "ViaIde" (ViaIde) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\viaide.sys "VolSnap" (VolSnap) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\VolSnap.sys "WAN-Miniport (L2TP)" (Rasl2tp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys "WAN-Miniport (PPTP)" (PptpMiniport) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspptp.sys "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) "Windows Driver Foundation - User-mode Driver Framework Platform Driver" (WudfPf) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\WudfPf.sys "Windows Driver Foundation - User-mode Driver Framework Reflector" (WudfRd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wudfrd.sys "Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung" (WS2IFSL) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\ws2ifsl.sys "WpdUsb" (WpdUsb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wpdusb.sys "Übersetzer für IP-Netzwerkadressen" (IpNat) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipnat.sys [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {7790769C-0471-11d2-AF11-00C04FA35D02} "Adressbuch 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install >{60B49E34-C7CC-11D0-8953-00A0C90347FF} "Browser Customizations" - "Microsoft Corporation" - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP >{26923b43-4d38-484f-9b9e-de460746276c} "Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig {89820200-ECBD-11cf-8B85-00AA005B4383} "Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings {44BBA840-CC51-11CF-AAFA-00AA00B6015C} "Microsoft Outlook Express 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} "Microsoft Windows Media Player" - "Microsoft Corporation" - C:\WINDOWS\inf\unregmp2.exe /ShowWMP {6BF52A52-394A-11d3-B153-00C04F79FAA6} "Microsoft Windows Media Player" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub {44BBA842-CC51-11CF-AAFA-00AA00B6015B} "NetMeeting 3.01" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} "Outlook Express" - "Microsoft Corporation" - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install {2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} "Versions-Update für Internet Explorer" - "Microsoft Corporation" - C:\WINDOWS\system32\ieudinit.exe {89820200-ECBD-11cf-8B85-00AA005B4340} "Windows Desktop-Update" - "Microsoft Corporation" - regsvr32.exe /s /n /i:U shell32.dll {5945c046-1e7d-11d1-bc44-00c04fd912be} "Windows Messenger 4.7" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll {0D2E74C4-3C34-11d2-A27E-00C04FC30871} "{0D2E74C4-3C34-11d2-A27E-00C04FC30871}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {24F14F01-7B1C-11d1-838f-0000F80461CF} "{24F14F01-7B1C-11d1-838f-0000F80461CF}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {24F14F02-7B1C-11d1-838f-0000F80461CF} "{24F14F02-7B1C-11d1-838f-0000F80461CF}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {66742402-F9B9-11D1-A202-0000F81FEDEE} "{66742402-F9B9-11D1-A202-0000F81FEDEE}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} "AP Class Install Handler filter" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL {733AC4CB-F1A4-11d0-B951-00A0C90312E1} "WebView MIME Filter" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {3dd53d40-7b8b-11D0-b013-00aa0059ce02} "CDL: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {12D51199-0DB5-46FE-A120-47A3D7D937CC} "DVD: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e3-baf9-11ce-8c82-00aa004ba90b} "ftp: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e4-baf9-11ce-8c82-00aa004ba90b} "gopher: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e2-baf9-11ce-8c82-00aa004ba90b} "http: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e5-baf9-11ce-8c82-00aa004ba90b} "https: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {05300401-BCBC-11d0-85E3-00C04FD85AB4} "MHTML Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcomm.dll {3050F406-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML About Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Mailto Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {76E67A63-06E9-11D2-A840-006008059382} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll {9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll {79eac9e6-baf9-11ce-8c82-00aa004ba90b} "mk: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} "TV: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} "WiaProtocol Class" - "Microsoft Corporation" - C:\WINDOWS\system32\wiascr.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler )----- {438755C2-A8BA-11D1-B96B-00A0C90312E1} "Browseui preloader" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {8C7461EF-2B13-11d2-BE35-3078302C2030} "Component Categories cache daemon" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "SABShellExecuteHook Class" - "SuperAdBlocker.com" - C:\Programme\SUPERAntiSpyware\SASSEH.DLL {AEB6717E-7E19-11d0-97EE-00C04FD91972} "URL Exec Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {01E04581-4EEE-11d0-BFE9-00AA005B4383} "&Adresse" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {F2CF5485-4E02-4f68-819C-B92DE9277049} "&Links" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {32714800-2E5F-11d0-8B85-00AA0044F941} "&Nach Personen..." - "Microsoft Corporation" - C:\Programme\Outlook Express\wabfind.dll {7e653215-fa25-46bd-a339-34a2790f3cb7} "Accessible" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {88C6C381-2E85-11D0-94DE-444553540000} "ActiveX Cache Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\occache.dll {A08C11D2-A228-11d0-825B-00AA005B4383} "Address EditBox" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {85BBD920-42A0-1069-A2E4-08002B30309D} "Aktenkoffer" - "Microsoft Corporation" - C:\WINDOWS\system32\syncui.dll {875CB1A1-0F29-45de-A1AE-CFB4950D0B78} "Audio Media Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {91EA3F8B-C99B-11d0-9815-00C04FD91972} "Augmented Shell Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {6413BA2C-B461-11d1-A18A-080036B11A03} "Augmented Shell Folder 2" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} "Ausführen..." - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {5F327514-6C5E-4d60-8F16-D07FA08A78ED} "Auto Update Property Sheet Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} "Automatische Diashowwiedergabe der Shell" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {87D62D94-71B3-4b9a-9489-5FE6850DC73E} "Avi Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {F61FFEC1-754F-11d0-80CA-00AA005B4383} "BandProxy" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {7A9D77BD-5403-11d2-8785-2E0420524153} "Benutzerkonten" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {add36aa8-751a-4579-a266-d66f5202ccbb} "Bestellung von Abzügen über das Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {67EA19A0-CCEF-11d0-8024-00C04FD75D13} "CDF Extension Copy Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {7D559C10-9FE9-11d0-93F7-00AA0059CE02} "Code Download Agent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {BD472F60-27FA-11cf-B8B4-444553540000} "Compressed (zipped) Folder Right Drag Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} "Compressed (zipped) Folder SendTo Target" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} "CompressedFolder" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} "ConnectionAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found) {42071713-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Bildschirme" - "Microsoft Corporation" - C:\WINDOWS\system32\deskmon.dll {42071712-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Grafikkarten" - "Microsoft Corporation" - C:\WINDOWS\system32\deskadp.dll {7444C717-39BF-11D1-8CD9-00C04FC29D45} "CryptPKO Class" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptext.dll {7444C719-39BF-11D1-8CD9-00C04FC29D45} "CryptSig Class" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptext.dll {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} "Custom MRU AutoCompleted List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {CFCCC7A0-A282-11D1-9082-006008059382} "Darwin App Publisher" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} "DfsShell Class" - "Microsoft Corporation" - C:\WINDOWS\system32\dfsshlex.dll {62AE1F9A-126A-11D0-A14B-0800361B1103} "Directory Context Menu Verbs" - "Microsoft Corporation" - C:\WINDOWS\system32\dsuiext.dll {163FDC20-2ABC-11d0-88F0-00A024AB2DBB} "Directory Object Find" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {0D45D530-764B-11d0-A1CA-00AA00C16E65} "Directory Property UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dsuiext.dll {8A23E65E-31C2-11d0-891C-00A024AB2DBB} "Directory Query UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {F020E586-5264-11d1-A532-0000F8757D7E} "Directory Start/Search Find" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {f92e8c40-3d33-11d2-b1aa-080036a75b03} "Display TroubleShoot CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\deskperf.dll {22BF0C20-6DA7-11D0-B373-00A0C9034938} "Download Status" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {60fd46de-f830-4894-a628-6fa81bc0190d} "Drop-Zielobjekt für den Fotodruck-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\photowiz.dll {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} "E-Mail" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {00022613-0000-0000-C000-000000000046} "Eigenschaften für Multimediadatei" - "Microsoft Corporation" - C:\WINDOWS\system32\mmsys.cpl {1F2E5C40-9550-11CE-99D2-00AA006E086C} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\rshx32.dll {4E40F770-369C-11d0-8922-00A024AB2DBB} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\dssec.dll {F37C5810-4D3F-11d0-B4BF-00AA00BBB723} "Erweiterung der Sicherheitsshell" - "Microsoft Corporation" - C:\WINDOWS\system32\rshx32.dll {59099400-57FF-11CE-BD94-0020AF85B590} "Erweiterung für Datenträgerkopien" - "Microsoft Corporation" - C:\WINDOWS\system32\diskcopy.dll {EFA24E64-B078-11d0-89E4-00C04FC9E26E} "Explorer-Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {692F0339-CBAA-47e6-B5B5-3B84DB604E87} "Extensions Manager Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\extmgr.dll {7A80E4A8-8005-11D2-BCF8-00C04F72C717} "ExtractIcon Class" - "Microsoft Corporation" - C:\WINDOWS\System32\mmcshext.dll {EFA24E61-B078-11d0-89E4-00C04FC9E26E} "Favorites Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll {3F30C968-480A-4C6C-862D-EFC0897BB84B} "GDI+ Dateiminiaturansicht-Extrahierungsprogramm" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {D6277990-4C6A-11CF-8D87-00AA0060F5BF} "Geplante Tasks" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "Global Folder Settings" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} "Hilfe und Support" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {FF393560-C2A7-11CF-BFF4-444553540000} "History" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {25336920-03f9-11cf-8fd0-00aa00686f13} "HTML Document" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {EAB841A0-9550-11cf-8C16-00805F1408F3} "HTML-Extrahierungsprogramm" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {88895560-9AA2-1069-930E-00AA0030EBC8} "HyperTerminal Icon Ext" - "Hilgraeve, Inc." - C:\WINDOWS\system32\hticons.dll {DBCE2480-C732-101B-BE72-BA78E9AD5B27} "ICC-Profil" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll {675F097E-4C4D-11D0-B6C1-0800091AA605} "ICM-Druckerverwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll {5DB2625A-54DF-11D0-B6C4-0800091AA605} "ICM-Monitorverwaltung" - "Microsoft Corporation" - C:\WINDOWS\System32\icmui.dll {176d6597-26d3-11d1-b350-080036a75b03} "ICM-Scannerverwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll {3028902F-6374-48b2-8DC6-9725E775B926} "IE AutoComplete" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {73CFD649-CD48-4fd8-A272-2070EA56526B} "IE BandProxy" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {FDE7673D-2E19-4145-8376-BBD58C4BC7BA} "IE Custom MRU AutoCompleted List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {1C1EDB47-CE22-4bbb-B608-77B48F83C823} "IE Fade Task" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {11016101-E366-4D22-BC06-4ADA335C892B} "IE History and Feeds Shell Data Source for Windows Search" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {6CF48EF8-44CD-45d2-8832-A16EA016311B} "IE IShellFolderBand" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {4B78D326-D922-44f9-AF2A-07805C2A3560} "IE Menu Band" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {205D7A97-F16D-4691-86EF-F3075DCCA57D} "IE Menu Desk Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {44C76ECD-F7FA-411c-9929-1B77BA77F524} "IE Menu Site" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {07C45BB1-4A8C-4642-A1F5-237E7215FF66} "IE Microsoft BrowserBand" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {6038EF75-ABFC-4e59-AB6F-12D397F6568D} "IE Microsoft History AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {B31C5FAE-961F-415b-BAF0-E697A5178B94} "IE Microsoft Multiple AutoComplete List Container" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {9D958C62-3954-4b44-8FAB-C4670C1DB4C2} "IE Microsoft Shell Folder AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} "IE MRU AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {43886CD5-6529-41c4-A707-7B3C92C05E68} "IE Navigation Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} "IE Registry Tree Options Utility" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} "IE RSS Feeds Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {30D02401-6A81-11d0-8274-00C04FD5AE38} "IE Search Band" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {E6EE9AAC-F76B-4947-8260-A9F136138E11} "IE Shell Band Site Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} "IE Shell Rebar BandSite" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} "IE Tracking Shell Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} "IE4 Suite-Begrüßungsbildschirm" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {169A0691-8DF9-11d1-A1C4-00C04FD75D13} "In-pane search" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {0B124F8F-91F0-11D1-B8B5-006008059382} "Installed Apps Enumerator" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} "Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {871C5380-42A0-1069-A2EA-08002B30309D} "Internet Name Space" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {FBF23B40-E3F0-101B-8488-00AA003E56F8} "Internet Shortcut" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {131A6951-7F78-11D0-A979-00C04FD705A2} "ISFBand OC" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {0CD7A5C0-9F37-11CE-AE65-08002B2E1262} "Kabinettdatei" - "Microsoft Corporation" - C:\WINDOWS\system32\cabview.dll {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} "Kompatibilitätsseite" - "Microsoft Corporation" - C:\WINDOWS\system32\SlayerXP.dll {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found) {73B24247-042E-4EF5-ADC2-42F62E6FD654} "MCLiteShellExt Class" - ? - C:\Programme\ICQLite\ICQLiteShell.dll {3050f3d9-98b5-11cf-bb82-00aa00bdce0b} "MHTML Document" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {BB7DF450-F119-11CD-8465-00AA00425D90} "Microsoft Access Custom Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office\soa800.dll {143A62C8-C33B-11D1-84FE-00C04FA34A14} "Microsoft Agent Character Property Sheet Handler" - "Microsoft Corporation" - C:\WINDOWS\msagent\agentpsh.dll {00BB2763-6A77-11D0-A535-00C04FD7D062} "Microsoft AutoComplete" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {A5E46E3A-8849-11D1-9D8C-00C04FC99D61} "Microsoft Browser Architecture" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {7BA4C742-9E81-11CF-99D3-00AA004AE837} "Microsoft BrowserBand" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {7988B573-EC89-11cf-9C00-00AA00A14F56} "Microsoft Disk Quota UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dskquoui.dll {6A205B57-2567-4A2C-B881-F787FAB579A3} "Microsoft DocProp Inplace Calendar Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {0EEA25CC-4362-4A12-850B-86EE61B0D3EB} "Microsoft DocProp Inplace Droplist Combo Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {A9CF0EAE-901A-4739-A481-E35B73E47F6D} "Microsoft DocProp Inplace Edit Box Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {8EE97210-FD1F-4B19-91DA-67914005F020} "Microsoft DocProp Inplace ML Edit Box Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} "Microsoft DocProp Inplace Time Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {883373C3-BF89-11D1-BE35-080036B11A03} "Microsoft DocProp Shell Ext" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {63da6ec0-2e98-11cf-8d82-444553540000} "Microsoft FTP Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\msieftp.dll {00BB2764-6A77-11D0-A535-00C04FD7D062} "Microsoft History AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {5E6AB780-7743-11CF-A12B-00AA004AE837} "Microsoft Internet Toolbar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {00BB2765-6A77-11D0-A535-00C04FD7D062} "Microsoft Multiple AutoComplete List Container" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\OFFICE11\msohev.dll {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL {2206CDB2-19C1-11D1-89E0-00C04FD7A829} "Microsoft OLE DB Service Component Data Links" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\System\Ole DB\oledb32.dll {03C036F1-A186-11D0-824A-00AA005B4383} "Microsoft Shell Folder AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {3C374A40-BAE4-11CF-BF7D-00AA006946EE} "Microsoft Url History Service" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {CFBFAE00-17A6-11D0-99CB-00C04FD64497} "Microsoft Url Search Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {8856f961-340a-11d0-a96b-00c04fd705a2} "Microsoft Web Browser" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {A6FD9E45-6E44-43f9-8644-08598F5A74D9} "Midi Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {6756A641-DE71-11d0-831B-00AA005B4383} "MRU AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {ECF03A33-103D-11d2-854D-006008059367} "MyDocs Copy Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll {ECF03A32-103D-11d2-854D-006008059367} "MyDocs Drop Target" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll {4a7ded0a-ad25-11d0-98a8-0800361b1103} "MyDocs menu and properties" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll {7007ACC7-3202-11D1-AAD2-00805FC1270E} "Netzwerkverbindungen" - "Microsoft Corporation" - C:\WINDOWS\system32\NETSHELL.dll {992CFFA0-F557-101A-88EC-00DD010CCC48} "Netzwerkverbindungen" - "Microsoft Corporation" - C:\WINDOWS\system32\NETSHELL.dll {A70C977A-BF00-412C-90B7-034C51DA2439} "NvCpl DesktopContext Class" - ? - (File not found | COM-object registry key not found) {10CFC467-4392-11d2-8DB4-00C04FA31A66} "Offline Files Folder Options" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {750fdf0e-2a26-11d1-a3ea-080036587f03} "Offline Files Menu" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {3EA48300-8CF6-101B-84FB-666CCB9BCD32} "OLE-Eigenschaftenseite für Dokumente" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop.dll {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} "Ordner 'Offlinedateien'" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL {58f1f272-9240-4f51-b6d4-fd63d1618591} "Passport-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {41E300E0-78B6-11ce-849B-444553540000} "PlusPack CPL-Erweiterung" - "Microsoft Corporation" - C:\WINDOWS\system32\themeui.dll {35786D3C-B075-49b9-88DD-029876E11C01} "Portable Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\wpdshext.dll {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} "Portable Devices Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\wpdshext.dll {640167b4-59b0-47a6-b335-a6b3c0695aea} "Portable Media Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\Audiodev.dll {D8BD2030-6FC9-11D0-864F-00AA006809D9} "PostAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {9DB7A13C-F208-4981-8353-73CC61AE2783} "Previous Versions" - "Microsoft Corporation" - C:\WINDOWS\system32\twext.dll {596AB062-B4D2-4215-9F74-E9109B0A8153} "Previous Versions Property Page" - "Microsoft Corporation" - C:\WINDOWS\system32\twext.dll {DEE12703-6333-4D4E-8F34-738C4DCC2E04} "RecordNow! SendToExt" - ? - C:\Apps\RecordNow\shlext.dll {AF4F6510-F982-11d0-8595-00AA004CD6D8} "Registry Tree Options Utility" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {F0152790-D56E-4445-850E-4F3117DB740C} "Remote Sessions CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\remotepg.dll {3F953603-1008-4f6e-A73A-04AAC7A992F1} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {83bbcbf3-b28a-4919-a5aa-73027445d672} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {905667aa-acd6-11d2-8080-00805f6596d2} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {E211B736-43FD-11D1-9EFB-0000F8757FCD} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} "Scanner und Kameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} "Scheduling UI icon handler" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} "Scheduling UI property sheet handler" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll {BD84B380-8CA2-1069-AB1D-08000948F534} "Schriftarten" - "Microsoft Corporation" - C:\WINDOWS\system32\fontext.dll {D20EA4E1-3957-11d2-A40B-0C5020524152} "Schriftarten" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {9461b922-3c5a-11d2-bf8b-00c04fb93661} "Search Assistant OC" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} "Sendmail service" - "Microsoft Corporation" - C:\WINDOWS\system32\sendmail.dll {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} "Sendmail service" - "Microsoft Corporation" - C:\WINDOWS\system32\sendmail.dll {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} "Set Program Access and Defaults" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {352EC2B7-8B9A-11D1-B8AE-006008059382} "Shell Application Manager" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl {0A89A860-D7B1-11CE-8350-444553540000} "Shell Automation Inproc Service" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {ECD4FC4E-521C-11D0-B792-00A0C90312E1} "Shell Band Site Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {ECD4FC4C-521C-11D0-B792-00A0C90312E1} "Shell DeskBar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {3CCF8A41-5C85-11d0-9796-00AA00B90ADF} "Shell DeskBarApp" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} "Shell DocObject Viewer" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll {60254CA5-953B-11CF-8C96-00AA00B8708C} "Shell Extension For Windows Script Host" - "Microsoft Corporation" - C:\WINDOWS\system32\wshext.dll {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "Shell Extensions for RealOne Player" - ? - (File not found | COM-object registry key not found) {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} "Shell Image Data Factory" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {eb9b1153-3b57-4e68-959a-a3266bc3d7fe} "Shell Image Property Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {e84fda7c-1d6a-45f6-b725-cb260c236066} "Shell Image Verbs" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {9E51E0D0-6E0F-11d2-9601-00C04FA31A86} "Shell properties for a DS object" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {ECD4FC4D-521C-11D0-B792-00A0C90312E1} "Shell Rebar BandSite" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {21569614-B795-46b1-85F4-E737A8DC09AD} "Shell Search Band" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {56117100-C0CD-101B-81E2-00AA004AE837} "Shell-Datenauszughandler" - "Microsoft Corporation" - C:\WINDOWS\system32\shscrap.dll {77597368-7b15-11d0-a0c2-080036af3f03} "Shellerweiterung für Webdrucker" - "Microsoft Corporation" - C:\WINDOWS\system32\printui.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found) {40dd6e20-7c17-11ce-a804-00aa003ca9f6} "Shellerweiterungen für Freigaben" - "Microsoft Corporation" - C:\WINDOWS\system32\ntshrui.dll {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} "Shellerweiterungen für Freigaben" - "Microsoft Corporation" - C:\WINDOWS\system32\ntshrui.dll {59be4990-f85c-11ce-aff7-00aa003ca9f6} "Shellerweiterungen für Microsoft Windows-Netzwerkobjekte" - "Microsoft Corporation" - C:\WINDOWS\system32\ntlanui2.dll {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {6b33163c-76a5-4b6c-bf21-45de9cd503a1} "Shellobjekt des Webpublishing-Assistenten" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {F5175861-2688-11d0-9C5E-00AA00A45957} "Subscription Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} "Subscription Mgr" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} "Suchen" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {0DF44EAA-FF21-4412-828E-260A8728E7F1} "Taskleiste und Startmenü" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll {7BD29E00-76C1-11CF-9DD0-00A0C9034933} "Temporary Internet Files" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {7BD29E01-76C1-11CF-9DD0-00A0C9034933} "Temporary Internet Files" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} "The Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll {acf35015-526e-4230-9596-becbe19f0ac9} "Track Popup Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} "TrayAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {7376D660-C583-11d0-A3A5-00C04FD706EC} "TridentImageExtractor" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {DD313E04-FEFF-11d1-8ECD-0000F87A470C} "User Assist" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {D20EA4E1-3957-11d2-A40B-0C5020524153} "Verwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {40C3D757-D6E4-4b49-BB41-0E5BBEA28817} "Video Media Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {c5a40261-cd64-4ccf-84cb-c394da41d590} "Video Thumbnail Extractor" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {E4B29F9D-D390-480b-92FD-7DDB47101D71} "Wav Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {07798131-AF23-11d1-9111-00A0C98BA67D} "Web Search" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} "WebCheck SyncMgr Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} "WebCheckChannelAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {08165EA0-E946-11CF-9C87-00AA005127ED} "WebCheckWebCrawler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {CC6EEFFB-43F6-46c5-9619-51D571967F7D} "Webpublishing-Assistent" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {45670FA8-ED97-4F44-BC93-305082590BFB} "Windows XPS Document Metadata Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL {44121072-A222-48f2-A58A-6D9AD51EBBE9} "Windows XPS Document Thumbnail Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} "Windows-Sicherheit" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll (File found, but it contains no detailed information) {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} "WMP Add To Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll {8DD448E6-C188-4aed-AF92-44956194EB1F} "WMP Burn Audio CD Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} "WMP Play As Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll {9DBD2C50-62AD-11d0-B806-00C04FD706EC} "Zusammenfassungs-Miniaturansichthandler (DOCFILES)" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )----- {7849596a-48ea-486e-8937-a2a3009f31a9} "PostBootReminder object" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll {fbeb8a05-beee-4442-804e-409d6c4515e9} "ShellFolder for CD Burning" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {35CEC8A3-2BE6-11D2-8773-92E220524153} "SysTray" - "Microsoft Corporation" - C:\WINDOWS\system32\stobject.dll {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {AAA288BA-9A4C-45B0-95D7-94D524869DB5} "WPDShServiceObj Class" - "Microsoft Corporation" - C:\WINDOWS\system32\WPDShServiceObj.dll [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {EFA24E64-B078-11D0-89E4-00C04FC9E26E} "Explorer-Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "&Adresse" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll <binary data> "&Links" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll <binary data> "Conduit Engine " - "Conduit Ltd." - C:\Programme\ConduitEngine\prxConduitEngine.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found) <binary data> "{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" - ? - (File not found | COM-object registry key not found) <binary data> "{855F3B16-6D32-4FE6-8A56-BBB695989046}" - ? - (File not found | COM-object registry key not found) <binary data> "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" - ? - (File not found | COM-object registry key not found) -----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )----- {CFBFAE00-17A6-11D0-99CB-00C04FD64497} "Microsoft Url Search Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_03" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_03\bin\npjpi160_03.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "Java Plug-in 1.6.0_03" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_03\bin\npjpi160_03.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab {3D3B42C2-11BF-4732-A304-A01384B70D68} "UploadListView Class" - "Google, Inc." - C:\WINDOWS\Downloaded Program Files\UploaderX.dll / hxxp://picasaweb.google.com/s/v/63.26/uploader2.cab {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "{D27CDB6E-AE6D-11CF-96B8-444553540000}" - ? - (File not found | COM-object registry key not found) / hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} "ClsidExtension" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_03\bin\npjpi160_03.dll "Exec" - "Microsoft Corporation" - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe "ICQ Lite" - ? - C:\Programme\ICQLite\ICQLite.exe (File not found) "ICQ7.2" - "ICQ, LLC." - C:\Programme\ICQ7.2\ICQ.exe "Messenger" - "Microsoft Corporation" - C:\Programme\Messenger\msmsgs.exe {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {30F9B915-B755-4826-820B-08FBA6BD249D} "Conduit Engine " - "Conduit Ltd." - C:\Programme\ConduitEngine\prxConduitEngine.dll {327C2873-E90D-4c37-AA9D-10AC9BABA46C} "Easy-WebPrint" - ? - C:\Programme\Canon\Easy-WebPrint\Toolband.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "AcroIEHlprObj Class" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll {30F9B915-B755-4826-820B-08FBA6BD249D} "Conduit Engine " - "Conduit Ltd." - C:\Programme\ConduitEngine\prxConduitEngine.dll {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} "EWPBrowseObject Class" - ? - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "SSVHelper Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll {02478D38-C3F9-4efb-9B51-7695ECA05670} "{02478D38-C3F9-4efb-9B51-7695ECA05670}" - ? - (File not found | COM-object registry key not found) [Known DLLs] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )----- "advapi32" - "Microsoft Corporation" - C:\WINDOWS\system32\advapi32.dll "comdlg32" - "Microsoft Corporation" - C:\WINDOWS\system32\comdlg32.dll "gdi32" - "Microsoft Corporation" - C:\WINDOWS\system32\gdi32.dll "imagehlp" - "Microsoft Corporation" - C:\WINDOWS\system32\imagehlp.dll "kernel32" - "Microsoft Corporation" - C:\WINDOWS\system32\kernel32.dll "lz32" - "Microsoft Corporation" - C:\WINDOWS\system32\lz32.dll "ole32" - "Microsoft Corporation" - C:\WINDOWS\system32\ole32.dll "oleaut32" - "Microsoft Corporation" - C:\WINDOWS\system32\oleaut32.dll "olecli32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecli32.dll "olecnv32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecnv32.dll "olesvr32" - "Microsoft Corporation" - C:\WINDOWS\system32\olesvr32.dll "olethk32" - "Microsoft Corporation" - C:\WINDOWS\system32\olethk32.dll "rpcrt4" - "Microsoft Corporation" - C:\WINDOWS\system32\rpcrt4.dll "shell32" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll "url" - "Microsoft Corporation" - C:\WINDOWS\system32\url.dll "urlmon" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll "user32" - "Microsoft Corporation" - C:\WINDOWS\system32\user32.dll "version" - "Microsoft Corporation" - C:\WINDOWS\system32\version.dll "wininet" - "Microsoft Corporation" - C:\WINDOWS\system32\wininet.dll "wldap32" - "Microsoft Corporation" - C:\WINDOWS\system32\wldap32.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Authentication packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll "Notification packages" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\kerberos.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\schannel.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\wdigest.dll -----( HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders )----- "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msapsspc.dll "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\schannel.dll "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\digest.dll "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msnsspc.dll [Logon] -----( %AllUsersProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini -----( %UserProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\Erhard\Startmenü\Programme\Autostart\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "ctfmon.exe" - "Microsoft Corporation" - C:\WINDOWS\system32\ctfmon.exe -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )----- "Shell" - "Microsoft Corporation" - C:\WINDOWS\Explorer.exe "Userinit" - "Microsoft Corporation" - C:\WINDOWS\system32\userinit.exe -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - "Microsoft Corporation" - C:\WINDOWS\system32\rdpclip.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min "SoundMan" - "Realtek Semiconductor Corp." - SOUNDMAN.EXE [Network Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )----- "Microsoft Windows-Netzwerk" - "Microsoft Corporation" - C:\WINDOWS\System32\ntlanman.dll "Microsoft-Terminaldienste" - "Microsoft Corporation" - C:\WINDOWS\System32\drprov.dll "Web Client Network" - "Microsoft Corporation" - C:\WINDOWS\System32\davclnt.dll [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "BJ Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\cnbjmon.dll "Canon BJ Language Monitor iP4300" - "CANON INC." - C:\WINDOWS\system32\CNMLM86.DLL "Local Port" - "Microsoft Corporation" - C:\WINDOWS\system32\localspl.dll "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll "PDF Port" - "Adobe Systems Incorporated." - C:\WINDOWS\system32\pdfports.dll "PJL Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\pjlmon.dll "Standard TCP/IP Port" - "Microsoft Corporation" - C:\WINDOWS\system32\tcpmon.dll "USB Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\usbmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "Ablagemappe" (ClipSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\clipsrv.exe "Anmeldedienst" (Netlogon) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll (File not found) "Arbeitsstationsdienst" (lanmanworkstation) - "Microsoft Corporation" - C:\WINDOWS\System32\wkssvc.dll "ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "Automatic Updates" (wuauserv) - "Microsoft Corporation" - C:\WINDOWS\system32\wuauserv.dll "Automatische Konfiguration (verkabelt)" (Dot3svc) - "Microsoft Corporation" - C:\WINDOWS\System32\dot3svc.dll "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe "Capture Device Service" (Capture Device Service) - "InterVideo Inc." - C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe "COM+-Ereignissystem" (EventSystem) - "Microsoft Corporation" - C:\WINDOWS\system32\es.dll "COM+-Systemanwendung" (COMSysApp) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe "Computerbrowser" (Browser) - "Microsoft Corporation" - C:\WINDOWS\System32\browser.dll "CryptSvc" (CryptSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\cryptsvc.dll "DCOM-Server-Prozessstart" (DcomLaunch) - "Microsoft Corporation" - C:\WINDOWS\system32\rpcss.dll "Designs" (Themes) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll "DHCP-Client" (Dhcp) - "Microsoft Corporation" - C:\WINDOWS\System32\dhcpcsvc.dll "Dienst für Seriennummern der tragbaren Medien" (WmdmPmSN) - "Microsoft Corporation" - C:\WINDOWS\system32\MsPMSNSv.dll "Distributed Transaction Coordinator" (MSDTC) - "Microsoft Corporation" - C:\WINDOWS\system32\msdtc.exe "DNS-Client" (Dnscache) - "Microsoft Corporation" - C:\WINDOWS\System32\dnsrslvr.dll "Druckwarteschlange" (Spooler) - "Microsoft Corporation" - C:\WINDOWS\system32\spoolsv.exe "Ereignisprotokoll" (Eventlog) - "Microsoft Corporation" - C:\WINDOWS\system32\services.exe "Extensible Authentication-Protokolldienst" (EapHost) - "Microsoft Corporation" - C:\WINDOWS\System32\eapsvc.dll "Fehlerberichterstattungsdienst" (ERSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\ersvc.dll "Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Programme\MAGIX\Common\Database\bin\fbserver.exe "FsUsbExService" (FsUsbExService) - "Teruten" - C:\WINDOWS\system32\FsUsbExService.Exe "Gatewaydienst auf Anwendungsebene" (ALG) - "Microsoft Corporation" - C:\WINDOWS\System32\alg.exe "Geschützter Speicher" (ProtectedStorage) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "Google Update Service (gupdate1c9ed20a80d1b9c)" (gupdate1c9ed20a80d1b9c) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "HID Input Service" (HidServ) - "Microsoft Corporation" - C:\WINDOWS\System32\hidserv.dll "Hilfe und Support" (helpsvc) - "Microsoft Corporation" - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll "HTTP-SSL" (HTTPFilter) - "Microsoft Corporation" - C:\WINDOWS\System32\w3ssl.dll "IMAPI-CD-Brenn-COM-Dienste" (ImapiService) - "Microsoft Corporation" - C:\WINDOWS\system32\imapi.exe "Indexdienst" (CiSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\cisvc.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe "Integritätsschlüssel- und Zertifikatverwaltungsdienst" (hkmsvc) - "Microsoft Corporation" - C:\WINDOWS\System32\kmsvc.dll "Intelligenter Hintergrundübertragungsdienst" (BITS) - "Microsoft Corporation" - C:\WINDOWS\system32\qmgr.dll "IPSEC-Dienste" (PolicyAgent) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "Kompatibilität für schnelle Benutzerumschaltung" (FastUserSwitchingCompatibility) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll "Konfigurationsfreie drahtlose Verbindung" (WZCSVC) - "Microsoft Corporation" - C:\WINDOWS\System32\wzcsvc.dll "Leistungsdatenprotokolle und Warnungen" (SysmonLog) - "Microsoft Corporation" - C:\WINDOWS\system32\smlogsvc.exe "MS Software Shadow Copy Provider" (SwPrv) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe "NAP-Agent (Network Access Protection)" (napagent) - "Microsoft Corporation" - C:\WINDOWS\System32\qagentrt.dll "NetMeeting-Remotedesktop-Freigabe" (mnmsrvc) - "Microsoft Corporation" - C:\WINDOWS\system32\mnmsrvc.exe "Netzwerkverbindungen" (Netman) - "Microsoft Corporation" - C:\WINDOWS\System32\netman.dll "Netzwerkversorgungsdienst" (xmlprov) - "Microsoft Corporation" - C:\WINDOWS\System32\xmlprov.dll "NLA (Network Location Awareness)" (Nla) - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll "NT-LM-Sicherheitsdienst" (NtLmSsp) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE "Plug & Play" (PlugPlay) - "Microsoft Corporation" - C:\WINDOWS\system32\services.exe "QoS-RSVP" (RSVP) - "Microsoft Corporation" - C:\WINDOWS\system32\rsvp.exe "RAS-Verbindungsverwaltung" (RasMan) - "Microsoft Corporation" - C:\WINDOWS\System32\rasmans.dll "Remoteprozeduraufruf (RPC)" (RpcSs) - "Microsoft Corporation" - C:\WINDOWS\System32\rpcss.dll "RPC-Locator" (RpcLocator) - "Microsoft Corporation" - C:\WINDOWS\system32\locator.exe "Secondary Logon" (seclogon) - "Microsoft Corporation" - C:\WINDOWS\System32\seclogon.dll "Server" (lanmanserver) - "Microsoft Corporation" - C:\WINDOWS\System32\srvsvc.dll "ServiceLayer" (ServiceLayer) - "Nokia." - C:\Programme\PC Connectivity Solution\ServiceLayer.exe "Shellhardwareerkennung" (ShellHWDetection) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll "Sicherheitscenter" (wscsvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wscsvc.dll "Sicherheitskontenverwaltung" (SamSs) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "Sitzungs-Manager für Remotedesktophilfe" (RDSessMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\sessmgr.exe "Smartcard" (SCardSvr) - "Microsoft Corporation" - C:\WINDOWS\System32\SCardSvr.exe "SSDP-Suchdienst" (SSDPSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\ssdpsrv.dll "Systemereignisbenachrichtigung" (SENS) - "Microsoft Corporation" - C:\WINDOWS\system32\sens.dll "Systemwiederherstellungsdienst" (srservice) - "Microsoft Corporation" - C:\WINDOWS\system32\srsvc.dll "T-Online WLAN Adapter Steuerungsdienst" (MZCCntrl) - "Deutsche Telekom AG, Marmiko IT-Solutions GmbH" - C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe "Taskplaner" (Schedule) - "Microsoft Corporation" - C:\WINDOWS\system32\schedsvc.dll "TCP/IP-NetBIOS-Hilfsprogramm" (LmHosts) - "Microsoft Corporation" - C:\WINDOWS\System32\lmhsvc.dll "Telefonie" (TapiSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\tapisrv.dll "Terminaldienste" (TermService) - "Microsoft Corporation" - C:\WINDOWS\System32\termsrv.dll "Universeller Plug & Play-Gerätehost" (upnphost) - "Microsoft Corporation" - C:\WINDOWS\System32\upnphost.dll "Unterbrechungsfreie Stromversorgung" (UPS) - "Microsoft Corporation" - C:\WINDOWS\System32\ups.exe "Verwaltung für automatische RAS-Verbindung" (RasAuto) - "Microsoft Corporation" - C:\WINDOWS\System32\rasauto.dll "Verwaltung logischer Datenträger" (dmserver) - "Microsoft Corp." - C:\WINDOWS\System32\dmserver.dll "Verwaltungsdienst für die Verwaltung logischer Datenträger" (dmadmin) - "Microsoft Corp., Veritas Software" - C:\WINDOWS\System32\dmadmin.exe "Volumeschattenkopie" (VSS) - "Microsoft Corporation" - C:\WINDOWS\System32\vssvc.exe "Warndienst" (Alerter) - "Microsoft Corporation" - C:\WINDOWS\system32\alrsvc.dll "Webclient" (WebClient) - "Microsoft Corporation" - C:\WINDOWS\System32\webclnt.dll "Wechselmedien" (NtmsSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\ntmssvc.dll "Windows Audio" (AudioSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\audiosrv.dll "Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe "Windows Driver Foundation - User-mode Driver Framework" (WudfSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\WUDFSvc.dll "Windows Installer" (MSIServer) - "Microsoft Corporation" - C:\WINDOWS\system32\msiexec.exe "Windows Media Player-Netzwerkfreigabedienst" (WMPNetworkSvc) - "Microsoft Corporation" - C:\Programme\Windows Media Player\WMPNetwk.exe "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe "Windows-Bilderfassung (WIA)" (stisvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wiaservc.dll "Windows-Firewall/Gemeinsame Nutzung der Internetverbindung" (SharedAccess) - "Microsoft Corporation" - C:\WINDOWS\System32\ipnathlp.dll "Windows-Verwaltungsinstrumentation" (winmgmt) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\WMIsvc.dll "Windows-Zeitgeber" (W32Time) - "Microsoft Corporation" - C:\WINDOWS\system32\w32time.dll "WMI-Leistungsadapter" (WmiApSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\wmiapsrv.exe "Überwachung verteilter Verknüpfungen (Client)" (TrkWks) - "Microsoft Corporation" - C:\WINDOWS\system32\trkwks.dll [Winlogon] -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )----- "UIHost" - "Microsoft Corporation" - C:\WINDOWS\system32\logonui.exe "VmApplet" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )----- {B587E2B1-4D59-4e7e-AED9-22B9DF11D053} "802.3 Group Policy" - "Microsoft Corporation" - C:\WINDOWS\system32\dot3gpclnt.dll {B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A} "EFS recovery" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} "Internet Explorer Branding" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} "Internet Explorer Machine Accelerators" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll {7B849a69-220F-451E-B3FE-2CB811AF94AE} "Internet Explorer User Accelerators" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} "Internet Explorer Zonemapping" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll {C631DF4C-088F-4156-B058-4375F0853CD8} "Microsoft Offline Files" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {3610eda5-77ef-11d2-8dc5-00c04fa31a66} "Microsoft-Datenträgerkontingent" - "Microsoft Corporation" - C:\WINDOWS\system32\dskquota.dll {827D319E-6EAC-11D2-A4EA-00C04F79F83A} "Security" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll {c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "!SASWinLogon" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL "crypt32chain" - "Microsoft Corporation" - C:\WINDOWS\system32\crypt32.dll "cryptnet" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptnet.dll "cscdll" - "Microsoft Corporation" - C:\WINDOWS\system32\cscdll.dll "dimsntfy" - "Microsoft Corporation" - C:\WINDOWS\System32\dimsntfy.dll "ScCertProp" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll "Schedule" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll "sclgntfy" - "Microsoft Corporation" - C:\WINDOWS\system32\sclgntfy.dll "SensLogn" - "Microsoft Corporation" - C:\WINDOWS\system32\WlNotify.dll "termsrv" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll "wlballoon" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "NLA-Namespace" - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll "NTDS" - "Microsoft Corporation" - C:\WINDOWS\System32\winrnr.dll "TCP/IP" - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "MSAFD NetBIOS [\Device\NetBT_Tcpip_{1A9DEA9A-1DD1-43C7-BAA8-D3DD9762775C}] DATAGRAM 2" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{1A9DEA9A-1DD1-43C7-BAA8-D3DD9762775C}] SEQPACKET 2" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{364E696E-E468-421C-9A36-294C3DDBBDB7}] DATAGRAM 4" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{364E696E-E468-421C-9A36-294C3DDBBDB7}] SEQPACKET 4" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{3F431C12-AD05-4A7C-BEBF-35E928856970}] DATAGRAM 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{3F431C12-AD05-4A7C-BEBF-35E928856970}] SEQPACKET 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{4852B4EA-1251-487D-8370-849C00E954CE}] DATAGRAM 0" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{4852B4EA-1251-487D-8370-849C00E954CE}] SEQPACKET 0" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{62D6EB8E-E519-42BE-ADE9-BB240752C6D7}] DATAGRAM 5" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{62D6EB8E-E519-42BE-ADE9-BB240752C6D7}] SEQPACKET 5" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{937E6B05-D0B3-4B33-9E53-8A31F4C3D95B}] DATAGRAM 3" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{937E6B05-D0B3-4B33-9E53-8A31F4C3D95B}] SEQPACKET 3" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD Tcpip [RAW/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD Tcpip [TCP/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD Tcpip [UDP/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "RSVP TCP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll "RSVP UDP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
|
02.05.2011, 20:52
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf Hast Du noch andere Betriebssystem außer WinXP drauf?
__________________Wenn nicht, also WinXP das einzige installierte System ist: Starte den Rechner neu von der dieser Windows-CD. Im ersten Menü (blauer Hintergrund) mit der taste R in die WHK gehen und den Anweisungen dort folgen, um Zugang zur Konsole zu gelangen. Tipp dort den Befehl fixmbr ein (dann Enter, mit j bestätigen) danach den Befehl fixboot (dann Enter, mit j bestätigen) Mit exit (dann enter drücken) wird der Rechner neu gestartet. Führe im normalen Windowsmodus den MBRcheck und GMER nochmals aus und poste das neue Log.
__________________ |
|
02.05.2011, 21:15
| #3 |
| | Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf Nein, ist nur XP installiert.
__________________Hab also den MBR neugeschrieben, hätte mir auch vorher auffallen können  Naja, hier das MBRCheck Log: Code:
ATTFilter MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 115):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806D1000 \WINDOWS\system32\hal.dll
0xF7A5C000 \WINDOWS\system32\KDCOM.DLL
0xF796C000 \WINDOWS\system32\BOOTVID.dll
0xF742C000 ACPI.sys
0xF7A5E000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF741B000 pci.sys
0xF755C000 isapnp.sys
0xF7B24000 pciide.sys
0xF77DC000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7A60000 viaide.sys
0xF756C000 MountMgr.sys
0xF73FC000 ftdisk.sys
0xF77E4000 PartMgr.sys
0xF757C000 VolSnap.sys
0xF73E4000 atapi.sys
0xF758C000 disk.sys
0xF759C000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF73C4000 fltmgr.sys
0xF73B2000 sr.sys
0xF77EC000 PxHelp20.sys
0xF739B000 KSecDD.sys
0xF7388000 WudfPf.sys
0xF72FB000 Ntfs.sys
0xF72CE000 NDIS.sys
0xF72B4000 Mup.sys
0xF75AC000 gagp30kx.sys
0xF75FC000 \SystemRoot\system32\DRIVERS\processr.sys
0xF7241000 \SystemRoot\system32\DRIVERS\vtmini.sys
0xF722D000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF760C000 \SystemRoot\system32\DRIVERS\Rtlnic51.sys
0xF761C000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF762C000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF763C000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF720A000 \SystemRoot\system32\DRIVERS\ks.sys
0xF78BC000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF71E6000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF78C4000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF6FAF000 \SystemRoot\system32\drivers\ALCXWDM.SYS
0xF6F8B000 \SystemRoot\system32\drivers\portcls.sys
0xF764C000 \SystemRoot\system32\drivers\drmk.sys
0xF78CC000 \SystemRoot\system32\DRIVERS\fdc.sys
0xF765C000 \SystemRoot\system32\DRIVERS\serial.sys
0xF7A30000 \SystemRoot\system32\DRIVERS\serenum.sys
0xF6F77000 \SystemRoot\system32\DRIVERS\parport.sys
0xF766C000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF78D4000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF78DC000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF7B3C000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF767C000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7A34000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF6F60000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF768C000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF769C000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF78E4000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF6F4F000 \SystemRoot\system32\DRIVERS\psched.sys
0xF76AC000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF78EC000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF78F4000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF76BC000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7A82000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF6E51000 \SystemRoot\system32\DRIVERS\update.sys
0xF7A44000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF76CC000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF76EC000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF7A86000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF7A88000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7BF4000 \SystemRoot\System32\Drivers\Null.SYS
0xF7A8A000 \SystemRoot\System32\Drivers\Beep.SYS
0xF790C000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF7914000 \SystemRoot\System32\drivers\vga.sys
0xF7A8C000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7A8E000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF791C000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7924000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7270000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xF5DAD000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xF5D54000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xF5D2C000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF79E4000 \SystemRoot\System32\drivers\ws2ifsl.sys
0xF5CE2000 \SystemRoot\System32\drivers\afd.sys
0xF770C000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF792C000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xF5CC0000 \??\C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
0xF7934000 \??\C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
0xF5C95000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xF5C25000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF771C000 \SystemRoot\System32\Drivers\Fips.SYS
0xF5BFF000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF772C000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF5BD6000 \SystemRoot\system32\DRIVERS\wg111v2.sys
0xF5BBA000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xF7A94000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
0xF777C000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xF5BA2000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7AB0000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF6DEC000 \SystemRoot\System32\drivers\Dxapi.sys
0xF794C000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7BBB000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\vtdisp.dll
0xBF35E000 \SystemRoot\System32\ATMFD.DLL
0xED22E000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xED1E2000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xECEE1000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xECEA4000 \SystemRoot\system32\drivers\wdmaud.sys
0xF773C000 \SystemRoot\system32\drivers\sysaudio.sys
0xECB2C000 \SystemRoot\system32\DRIVERS\srv.sys
0xF76DC000 \??\C:\WINDOWS\system32\FsUsbExDisk.SYS
0xEC77B000 \SystemRoot\System32\Drivers\HTTP.sys
0xF7864000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xEC638000 \SystemRoot\system32\drivers\kmixer.sys
0xEC5F2000 \SystemRoot\System32\Drivers\Fastfat.SYS
0x7C910000 \WINDOWS\system32\ntdll.dll
Processes (total 29):
0 System Idle Process
4 SYSTEM
616 C:\WINDOWS\system32\smss.exe
688 csrss.exe
712 C:\WINDOWS\system32\winlogon.exe
756 C:\WINDOWS\system32\services.exe
768 C:\WINDOWS\system32\lsass.exe
932 C:\WINDOWS\system32\svchost.exe
1024 svchost.exe
1064 C:\WINDOWS\system32\svchost.exe
1136 C:\WINDOWS\system32\svchost.exe
1268 C:\WINDOWS\explorer.exe
1356 svchost.exe
1436 svchost.exe
1668 C:\WINDOWS\system32\spoolsv.exe
1712 C:\Programme\Avira\AntiVir Desktop\sched.exe
1756 svchost.exe
1892 C:\Programme\Avira\AntiVir Desktop\avguard.exe
1908 C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
1948 C:\WINDOWS\system32\FsUsbExService.Exe
152 C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe
232 C:\WINDOWS\system32\svchost.exe
576 C:\WINDOWS\system32\wuauclt.exe
1244 alg.exe
1500 C:\WINDOWS\system32\svchost.exe
1524 C:\WINDOWS\SOUNDMAN.EXE
1560 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
1824 C:\WINDOWS\system32\ctfmon.exe
2864 C:\Dokumente und Einstellungen\Erhard\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
PhysicalDrive0 Model Number: ST380011A, Rev: 8.01
Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
Done!
|
|
02.05.2011, 21:36
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf Dafür zeigt MBRCheck schon mal was freundlicheres an  GMER stürzt leider auf manchen Rechner ständig ab...  ...ist durchaus normal, schließlich wühlt es in den tiefsten Ecken des Fensters rum, knabbert aber nicht den Kitt ab  Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.05.2011, 02:49
| #5 |
| | Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf Also das GMER gerne mal abschmiert weiß ich wohl, dass es aber Rechner zum Absturz bringt ist mir neu. (Wobei mich bei dem Rechner hier gar nichts mehr wundert...) Naja, hier die Logs: Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 05/03/2011 at 00:25 AM
Application Version : 4.51.1000
Core Rules Database Version : 6892
Trace Rules Database Version: 4785
Scan type : Complete Scan
Total Scan Time : 01:06:04
Memory items scanned : 412
Memory threats detected : 0
Registry items scanned : 6446
Registry threats detected : 0
File items scanned : 24041
File threats detected : 14
Adware.Tracking Cookie
C:\Dokumente und Einstellungen\Erhard\Cookies\erhard@yadro[1].txt
C:\Dokumente und Einstellungen\Erhard\Cookies\erhard@doubleclick[1].txt
.doubleclick.net [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
.zanox-affiliate.de [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
.traffictrack.de [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
.webmasterplan.com [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
.webmasterplan.com [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
.zanox.com [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
tracking.mlsat02.de [ C:\Dokumente und Einstellungen\Erhard\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Cookies ]
Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6493
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
03.05.2011 03:42:33
mbam-log-2011-05-03 (03-42-33).txt
Scan type: Full scan (C:\|)
Objects scanned: 276195
Time elapsed: 2 hour(s), 19 minute(s), 32 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
|
|
03.05.2011, 10:39
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf Sieht ok aus, da wurden nur Cookies gefunden. Noch Probleme oder weitere Funde in der Zwischenzeit? Und dein Rechner ist nicht der einzige, der bei GMER abstürzt. GMER werkelt in den tiefen von Windows rum, da sind Abstürze fast vorprogrammiert aber eben nicht immer da 
__________________ --> Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf |
|
03.05.2011, 10:59
| #7 |
| | Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf Funde - Nein; Probleme - so viele wie man mit 512MB Ram (shared memory) eben hat  Aber um mich genauer auszudrücken: Nein, der Rechner läuft deutlich flüssiger  |
|
03.05.2011, 11:02
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf Dann wären wir durch!  Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Dein Adobe Reader ist nicht aktuell, was ein großes Sicherheitsrisiko darstellt. Du solltest daher besser die alte Version über Systemsteuerung => Software deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. Ich empfehle einen alternativen PDF-Reader wie SumatraPDF oder Foxit PDF Reader, beide sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers, hier der direkte Downloadlink: Mozilla und andere Browser => http://filepony.de/?q=Flash+Player Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.05.2011, 11:41
| #9 |
| | Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf Alles klar! Dann klemm' ich mich mal hinter die Updates und bedanke mich für alles |
|
| Themen zu Rechner hängt sich bei GMER seit "Entfernung" von Windows Recovery auf |
| archiv, bat, eingefangen, entferne, entfernen, entfernung, freund, funktioniert, gefangen, gen, gmer, hoffe, hängt, liebe, lieben, mbam, rechner, rechner hängt, recovery, recovery virus, starte, versucht, virus, weiterhelfen, werfen, windows, zusammen |
Hybrid-Darstellung
