Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows XP Recovery, habe ich alles richtig gemacht?

Windows XP Recovery, habe ich alles richtig gemacht?


Log-Analyse und Auswertung: Windows XP Recovery, habe ich alles richtig gemacht?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 20.05.2011, 11:17   #1
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows XP Recovery, habe ich alles richtig gemacht? - Standard

Windows XP Recovery, habe ich alles richtig gemacht?


Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.


Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur wenige Sekunden.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 24.05.2011, 08:50   #2
Sebastian0
 
Windows XP Recovery, habe ich alles richtig gemacht? - Standard

Windows XP Recovery, habe ich alles richtig gemacht?


Hi,

es hat aufgrund es Wochenendes etwas länger gedauert, aber hier sind die Log Files

GMER
GMER Logfile:
Code:
ATTFilter
GMER 1.0.15.15627 - hxxp://www.gmer.net
Rootkit scan 2011-05-24 09:37:26
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\0000007c SAMSUNG_SP2004C rev.VM100-50
Running: m83yvvl0.exe; Driver: C:\DOKUME~1\SEBAST~1\LOKALE~1\Temp\kgtdapoc.sys


---- System - GMER 1.0.15 ----

SSDT            A75B554E                                                                                                            ZwCreateKey
SSDT            A75B5544                                                                                                            ZwCreateThread
SSDT            A75B5553                                                                                                            ZwDeleteKey
SSDT            A75B555D                                                                                                            ZwDeleteValueKey
SSDT            spvy.sys                                                                                                            ZwEnumerateKey [0xB9ECDDA4]
SSDT            spvy.sys                                                                                                            ZwEnumerateValueKey [0xB9ECE132]
SSDT            A75B5562                                                                                                            ZwLoadKey
SSDT            spvy.sys                                                                                                            ZwOpenKey [0xB9EB50C0]
SSDT            A75B5530                                                                                                            ZwOpenProcess
SSDT            A75B5535                                                                                                            ZwOpenThread
SSDT            spvy.sys                                                                                                            ZwQueryKey [0xB9ECE20A]
SSDT            spvy.sys                                                                                                            ZwQueryValueKey [0xB9ECE08A]
SSDT            A75B556C                                                                                                            ZwReplaceKey
SSDT            A75B5567                                                                                                            ZwRestoreKey
SSDT            A75B5558                                                                                                            ZwSetValueKey

INT 0x62        ?                                                                                                                   8A62EBF8
INT 0x73        ?                                                                                                                   8A699BF8
INT 0x83        ?                                                                                                                   8A699BF8
INT 0xB4        ?                                                                                                                   8A2D5F00

---- Kernel code sections - GMER 1.0.15 ----

?               spvy.sys                                                                                                            Das System kann die angegebene Datei nicht finden. !
.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                            section is writeable [0xB8892360, 0x20574D, 0xE8000020]
.text           USBPORT.SYS!DllUnload                                                                                               B88728AC 5 Bytes  JMP 8A2D54E0 
.text           a0wd361p.SYS                                                                                                        B8754386 35 Bytes  [00, 00, 00, 00, 00, 00, 20, ...]
.text           a0wd361p.SYS                                                                                                        B87543AA 24 Bytes  [00, 00, 00, 00, 00, 00, 00, ...]
.text           a0wd361p.SYS                                                                                                        B87543C4 3 Bytes  [00, 80, 02]
.text           a0wd361p.SYS                                                                                                        B87543C9 1 Byte  [30]
.text           a0wd361p.SYS                                                                                                        B87543C9 11 Bytes  [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text           ...                                                                                                                 
init            C:\WINDOWS\system32\drivers\Senfilt.sys                                                                             entry point in "init" section [0xAC5DFA80]

---- User code sections - GMER 1.0.15 ----

.text           C:\WINDOWS\system32\SearchIndexer.exe[1820] kernel32.dll!WriteFile                                                  7C810E27 7 Bytes  JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
.text           C:\WINDOWS\Explorer.EXE[2752] SHELL32.dll!SHFileOperationW                                                          7E7208A0 5 Bytes  JMP 01881102 C:\Programme\Unlocker\UnlockerHook.dll

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                                  [B9EB6042] spvy.sys
IAT             atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                                          [B9EB613E] spvy.sys
IAT             atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                                 [B9EB60C0] spvy.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                                         [B9EB6800] spvy.sys
IAT             atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                                 [B9EB66D6] spvy.sys
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!KfAcquireSpinLock]                                                18C4830E
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!READ_PORT_UCHAR]                                                  1C959E88
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!KeGetCurrentIrql]                                                 9E880000
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!KfRaiseIrql]                                                      00001CB1
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!KfLowerIrql]                                                      0E798366
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!HalGetInterruptVector]                                            74AAB000
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!HalTranslateBusAddress]                                           8986C636
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!KeStallExecutionProcessor]                                        1A00001C
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!KfReleaseSpinLock]                                                1C8B86C6
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!READ_PORT_BUFFER_USHORT]                                          C6020000
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!READ_PORT_USHORT]                                                 001C9686
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                         86C60200
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[HAL.dll!WRITE_PORT_UCHAR]                                                 00001CB2
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[WMILIB.SYS!WmiSystemControl]                                              8800001C
IAT             \SystemRoot\System32\Drivers\a0wd361p.SYS[WMILIB.SYS!WmiCompleteRequest]                                            001CB99E
IAT             \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                                  [B9EC5B90] spvy.sys

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                              8A6981F8
Device          \Driver\sptd \Device\934380598                                                                                      spvy.sys

AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass0                                                                             VMkbd.sys (VMware keyboard filter driver (32-bit)/VMware, Inc.)
AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass1                                                                             VMkbd.sys (VMware keyboard filter driver (32-bit)/VMware, Inc.)

Device          \Driver\usbohci \Device\USBPDO-0                                                                                    8A3C51F8
Device          \Driver\dmio \Device\DmControl\DmIoDaemon                                                                           8A69A1F8
Device          \Driver\dmio \Device\DmControl\DmConfig                                                                             8A69A1F8
Device          \Driver\dmio \Device\DmControl\DmPnP                                                                                8A69A1F8
Device          \Driver\dmio \Device\DmControl\DmInfo                                                                               8A69A1F8
Device          \Driver\usbehci \Device\USBPDO-1                                                                                    8A2D41F8
Device          \Driver\NetBT \Device\NetBT_Tcpip_{D510AC77-001F-4D9E-B08A-F6A72A0FBE8A}                                            8A1E8500
Device          \Driver\PCI_PNP3098 \Device\00000055                                                                                spvy.sys
Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                                              8A62F1F8
Device          \Driver\NetBT \Device\NetBT_Tcpip_{2CC59F7E-F6F4-432F-BC74-86F0D0F41844}                                            8A1E8500
Device          \Driver\Cdrom \Device\CdRom0                                                                                        8A2D31F8
Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                                         [B9E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort0                                                                                  [B9E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\atapi \Device\Ide\IdePort1                                                                                  [B9E08B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device          \Driver\Cdrom \Device\CdRom1                                                                                        8A2D31F8
Device          \Driver\NetBT \Device\NetBT_Tcpip_{8F938BA5-42D7-449C-9602-47F5592ED88D}                                            8A1E8500
Device          \Driver\Cdrom \Device\CdRom2                                                                                        8A2D31F8
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                             8A1E8500
Device          \Driver\usbstor \Device\00000084                                                                                    8A2BB1F8
Device          \Driver\NetBT \Device\NetBT_Tcpip_{1F1481A4-1727-434B-93AD-AC5E3410E048}                                            8A1E8500
Device          \Driver\NetBT \Device\NetbiosSmb                                                                                    8A1E8500
Device          \Driver\usbstor \Device\00000088                                                                                    8A2BB1F8
Device          \Driver\usbstor \Device\00000089                                                                                    8A2BB1F8
Device          \Driver\usbohci \Device\USBFDO-0                                                                                    8A3C51F8
Device          \Driver\usbohci \Device\USBFDO-0                                                                                    hcmon.sys (VMware USB monitor/VMware, Inc.)
Device          \Driver\usbehci \Device\USBFDO-1                                                                                    8A2D41F8
Device          \Driver\usbehci \Device\USBFDO-1                                                                                    hcmon.sys (VMware USB monitor/VMware, Inc.)
Device          \Driver\nvata \Device\NvAta0                                                                                        8A6991F8
Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                   8A4C31F8
Device          \Driver\nvata \Device\NvAta1                                                                                        8A6991F8
Device          \Driver\nvata \Device\0000007c                                                                                      8A6991F8
Device          \FileSystem\MRxSmb \Device\LanmanRedirector                                                                         8A4C31F8
Device          \Driver\Ftdisk \Device\FtControl                                                                                    8A62F1F8
Device          \Driver\usbhub \Device\0000007e                                                                                     hcmon.sys (VMware USB monitor/VMware, Inc.)
Device          \Driver\usbhub \Device\0000007f                                                                                     hcmon.sys (VMware USB monitor/VMware, Inc.)
Device          \Driver\a0wd361p \Device\Scsi\a0wd361p1                                                                             8A2D1500
Device          \Driver\a0wd361p \Device\Scsi\a0wd361p1Port4Path0Target1Lun0                                                        8A2D1500
Device          \Driver\a0wd361p \Device\Scsi\a0wd361p1Port4Path0Target0Lun0                                                        8A2D1500
Device          \FileSystem\Cdfs \Cdfs                                                                                              8A2401F8

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                  771343423
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                  285507792
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                  1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0xD4 0xC3 0x97 0x02 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0xAC 0x5F 0x2C 0xC2 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Programme\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0x71 0x8A 0x87 0xBB ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0xA2 0x8B 0x2F 0x98 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                0x6E 0xBF 0x4E 0xDF ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0xD4 0xC3 0x97 0x02 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0xAC 0x5F 0x2C 0xC2 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Programme\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0x71 0x8A 0x87 0xBB ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0xA2 0x8B 0x2F 0x98 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                    0x6E 0xBF 0x4E 0xDF ...

---- EOF - GMER 1.0.15 ----
--- --- ---


OSAM
OSAM Logfile:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 09:48:41 on 24.05.2011

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.17

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-4167904640-169653539-2607701351-1005Core.job" - "Google Inc." - C:\Dokumente und Einstellungen\sebastian\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-4167904640-169653539-2607701351-1005UA.job" - "Google Inc." - C:\Dokumente und Einstellungen\sebastian\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"nvtuicpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvtuicpl.cpl
"rcapi.cpl" - "ELSA AG" - C:\WINDOWS\system32\rcapi.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir PersonalEdition Premium" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl  (File not found)
"Avira AntiVir Premium " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
"SMAX4CP" - "Analog Devices, Inc." - C:\Programme\Analog Devices\SoundMAX\SMax4.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"a0wd361p" (a0wd361p) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\a0wd361p.sys  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\DOKUME~1\SEBAST~1\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"CO_Mon" (CO_Mon) - ? - C:\WINDOWS\system32\Drivers\CO_Mon.sys  (File found, but it contains no detailed information)
"ELSA CAPI Driver" (ElsaCapiDrv) - "ELSA, Aachen (Germany)" - C:\WINDOWS\System32\Drivers\rcapi.sys
"GEARAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"kgtdapoc" (kgtdapoc) - ? - C:\DOKUME~1\SEBAST~1\LOKALE~1\Temp\kgtdapoc.sys  (Hidden registry entry, rootkit activity | File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"sptd" (sptd) - "Duplex Secure Ltd." - C:\WINDOWS\System32\Drivers\sptd.sys  (File is exclusively opened, access blocked)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"UltraMonMirror" (UltraMonMirror) - ? - C:\WINDOWS\System32\DRIVERS\UltraMonMirror.sys  (File not found)
"VBoxNetFlt Service" (VBoxNetFlt) - "Sun Microsystems, Inc." - C:\WINDOWS\System32\DRIVERS\VBoxNetFlt.sys
"VirtualBox Host-Only Ethernet Adapter" (VBoxNetAdp) - "Sun Microsystems, Inc." - C:\WINDOWS\System32\DRIVERS\VBoxNetAdp.sys
"VirtualBox Service" (VBoxDrv) - "Sun Microsystems, Inc." - C:\WINDOWS\System32\DRIVERS\VBoxDrv.sys
"VirtualBox USB Monitor Driver" (VBoxUSBMon) - "Sun Microsystems, Inc." - C:\WINDOWS\System32\DRIVERS\VBoxUSBMon.sys
"VMware Bridge Protocol" (VMnetBridge) - "VMware, Inc." - C:\WINDOWS\System32\DRIVERS\vmnetbridge.sys
"VMware hcmon" (hcmon) - "VMware, Inc." - C:\WINDOWS\system32\drivers\hcmon.sys
"VMware kbd" (vmkbd) - "VMware, Inc." - C:\WINDOWS\system32\drivers\VMkbd.sys
"VMware Network Application Interface" (VMnetuserif) - "VMware, Inc." - C:\WINDOWS\system32\drivers\vmnetuserif.sys
"VMware vmci" (vmci) - "VMware, Inc." - C:\WINDOWS\system32\Drivers\vmci.sys
"VMware VMparport" (VMparport) - "VMware, Inc." - C:\WINDOWS\system32\Drivers\VMparport.sys
"VMware vmx86" (vmx86) - "VMware, Inc." - C:\WINDOWS\system32\Drivers\vmx86.sys
"Vstor2 WS60 Virtual Storage Driver" (vstor2-ws60) - "VMware, Inc." - C:\Programme\VMware\VMware Player\vstor2-ws60.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
{30351349-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 2.2\program\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{56F9679E-7826-4C84-81F3-532071A8BCC5} "Windows Desktop Search Namespace Manager" - "Microsoft Corporation" - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{0AC6C6C5-F7A8-11D2-BEF4-00C04F990001} "Allaire FTP & RDS" - "Allaire Corp." - C:\WINDOWS\system32\cfshellftprds.dll
{9999A076-A9E2-4C99-8A2B-632FC9429223} "Bonjour" - "Apple Inc." - C:\Programme\Bonjour\ExplorerPlugin.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 2.2\program\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 2.2\program\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 2.2\program\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 2.2\program\shlxthdl.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{F367BD78-D2B5-459A-B775-9C14E06FCC3D} "Send to Miranda contact" - ? - C:\Programme\MirandaProZ\Plugins\shellfilesend.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} "SnagIt" - "TechSmith Corporation" - C:\Programme\TechSmith\SnagIt 7\SnagItIEAddin.dll
{CF74B903-3389-469c-B3B6-0204D204FCBD} "SnagItShellExt Class" - "TechSmith Corporation" - C:\Programme\TechSmith\SnagIt 7\SnagItShellExt.dll
{46605027-5B8C-4DCE-BFE0-051B7972D64C} "TortoiseHg" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll
{869C8877-2C3C-438D-844B-31B86BFE5E8A} "TortoiseHg" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll
{9E3D4EC9-0624-4393-8B48-204C217ED1FF} "TortoiseHg" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll
{AF42ADAB-8C2E-4285-B746-99B31094708E} "TortoiseHg" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll
{CDA1C89D-E9B5-4981-A857-82DD932EA2FD} "TortoiseHg" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll
{30351346-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{30351347-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{30351348-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{30351349-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{3035134A-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{3035134B-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{3035134C-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{3035134D-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{3035134E-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{3035134F-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{30351350-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\TortoiseSVN\bin\TortoiseStub.dll
{C5994560-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994561-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994562-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994563-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994564-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994565-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994566-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994567-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994568-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension" - ? - C:\Programme\Unlocker\UnlockerCOM.dll  (File found, but it contains no detailed information)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
{13E7F612-F261-4391-BEA2-39DF4F3FA311} "Windows Desktop Search" - "Microsoft Corporation" - C:\Programme\Windows Desktop Search\msnlExt.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{A202B231-EF71-4A08-BDB9-4CE5AE8BDE0A} "IE Developer Toolbar" - "Microsoft Corporation" - C:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
{ED2DD609-156E-44EE-B2EC-B93544F5A0D6} "ieHTTPHeaders" - ? - C:\Programme\ieHTTPHeaders\ieHTTPTrace.dll
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} "ActiveScan Installer Class" - "Panda Software" - C:\WINDOWS\Downloaded Program Files\asinst.dll / hxxp://acs.pandasoftware.com/activescan/as5free/asinst.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} "Symantec AntiVirus scanner" - "Symantec Corporation" - C:\WINDOWS\Downloaded Program Files\avsniff.dll / hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
{644E432F-49D3-41A1-8DD5-E099162EEEC5} "Symantec RuFSI Utility Class" - "Symantec Corporation" - C:\WINDOWS\Downloaded Program Files\rufsi.dll / hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\system32\legitcheckcontrol.dll / hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{9999A076-A9E2-4C99-8A2B-632FC9429223} "Bonjour" - "Apple Inc." - C:\Programme\Bonjour\ExplorerPlugin.dll
{ED2DD609-156E-44EE-B2EC-B93544F5A0D6} "ClsidExtension" - ? - C:\Programme\ieHTTPHeaders\ieHTTPTrace.dll
"Fiddler2" - "Eric Lawrence" - C:\Programme\Fiddler2\Fiddler.exe
"ICQ6" - "ICQ, Inc." - C:\Programme\ICQ6\ICQ.exe
{CC962137-2E78-4F94-975E-FC0C07DBD78F} "IE Developer Toolbar" - "Microsoft Corporation" - C:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
"SwyxIt! Wählhilfe" - ? - C:\Programme\SwyxIt!\IEDial.htm
{95188727-288F-4581-A48D-EAB3BD027314} "Zend Studio Toolbar" - "Zend Technologies Ltd" - C:\PROGRA~1\Zend\ZENDST~2.0\toolbars\ZENDIE~1.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} "FireShot" - ? - C:\Dokumente und Einstellungen\sebastian\Anwendungsdaten\Mozilla\Firefox\Profiles\28qn4m48.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.59.dll  (File not found)
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} "SnagIt" - "TechSmith Corporation" - C:\Programme\TechSmith\SnagIt 7\SnagItIEAddin.dll
<binary data> "Zend Studio" - "Zend Technologies Ltd" - C:\PROGRA~1\Zend\ZENDST~2.0\toolbars\ZENDIE~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
{00C6482D-C502-44C8-8409-FCE54AD9C208} "HelperObject Class" - "TechSmith Corporation" - C:\Programme\TechSmith\SnagIt 7\SnagItBHO.dll
{CC7E636D-39AA-49b6-B511-65413DA137A1} "IE Developer Toolbar BHO" - "Microsoft Corporation" - C:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe  (Shortcut exists | File exists)
"MultiMon Taskbar.lnk" - ? - C:\Programme\MMTaskbar\MultiMon.exe  (Shortcut exists | File exists)
"SwyxIt!.lnk" - "Swyx Solutions" - C:\Programme\SwyxIt!\SwyxIt!.exe  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\sebastian\Startmenü\Programme\Autostart\desktop.ini
"netzlaufwerke.bat" - ? - C:\Dokumente und Einstellungen\sebastian\Startmenü\Programme\Autostart\netzlaufwerke.bat
"Stickies.lnk" - "Zhorn Software" - C:\Programme\stickies\stickies.exe  (Shortcut exists | File exists)
"Verknüpfung mit MultiMon.lnk" - ? - C:\Programme\MMTaskbar\MultiMon.exe  (Shortcut exists | File exists)
"Verknüpfung mit SwyxIt!.lnk" - "Swyx Solutions" - C:\Programme\SwyxIt!\SwyxIt!.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Skype" - "Skype Technologies S.A." - "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
"swg" - "Google Inc." - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"nTrayFw" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
"nwiz" - "NVIDIA Corporation" - nwiz.exe /install
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
"TortoiseHgOverlayIconServer" - ? - C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe  (File found, but it contains no detailed information)
"UnlockerAssistant" - ? - "C:\Programme\Unlocker\UnlockerAssistant.exe"  (File found, but it contains no detailed information)

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"CUSTPDF Writer Monitor x86" - ? - C:\WINDOWS\system32\custmon32.dll  (File found, but it contains no detailed information)
"HP Standard TCP/IP Port" - "Hewlett Packard" - C:\WINDOWS\system32\HpTcpMon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir MailGuard" (AntiVirMailService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avmailc.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Avira AntiVir WebGuard" (AntiVirWebService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
"ELSA CAPI Control" (ElsaCapiCtl) - "ELSA AG" - C:\WINDOWS\System32\rcapi.exe
"ForceWare Intelligent Application Manager (IAM)" (ForceWare Intelligent Application Manager (IAM)) - ? - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
"ForceWare IP service" (nSvcIp) - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
"ForceWare user log service" (nSvcLog) - "NVIDIA" - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
"Forceware Web Interface" (ForcewareWebInterface) - "Apache Software Foundation" - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
"Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\WINDOWS\system32\HPZinw12.dll
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\WINDOWS\system32\HPZipm12.dll
"VMware Agent Service" (ufad-ws60) - "VMware, Inc." - C:\Programme\VMware\VMware Player\vmware-ufad.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
"Windows Presentation Foundation Font Cache 4.0.0.0" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"AVSDA" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avsda.dll
"VMCI sockets DGRAM" - "VMware, Inc." - C:\Programme\VMware\VMware Player\vsocklib.dll
"VMCI sockets STREAM" - "VMware, Inc." - C:\Programme\VMware\VMware Player\vsocklib.dll

===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru[/QUOTE]

MBERCheck
Zitat:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x013feffd

Kernel Drivers (total 145):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E6000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xB9EB4000 spvy.sys
0xBA5AA000 \WINDOWS\System32\Drivers\WMILIB.SYS
0xB9E9C000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xB9E6D000 ACPI.sys
0xB9E5C000 pci.sys
0xBA0A8000 isapnp.sys
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xBA0B8000 MountMgr.sys
0xB9E3D000 ftdisk.sys
0xBA5AC000 dmload.sys
0xB9E17000 dmio.sys
0xBA330000 PartMgr.sys
0xBA0C8000 VolSnap.sys
0xB9DFF000 atapi.sys
0xB9DE6000 nvata.sys
0xBA0D8000 disk.sys
0xBA0E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB9DC6000 fltmgr.sys
0xB9DB4000 sr.sys
0xB9D9D000 KSecDD.sys
0xB9D10000 Ntfs.sys
0xB9CE3000 NDIS.sys
0xB9CC9000 Mup.sys
0xBA168000 \SystemRoot\system32\DRIVERS\AmdK8.sys
0xB8892000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB887E000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xBA410000 \SystemRoot\system32\DRIVERS\usbohci.sys
0xB885A000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xBA418000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xBA238000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA248000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xB95C7000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB8837000 \SystemRoot\system32\DRIVERS\ks.sys
0xBA420000 \SystemRoot\System32\Drivers\GEARAspiWDM.sys
0xB880F000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xBA558000 \SystemRoot\system32\DRIVERS\nvnetbus.sys
0xB87C4000 \SystemRoot\system32\DRIVERS\NVNRM.SYS
0xB878D000 \SystemRoot\system32\DRIVERS\NVSNPU.SYS
0xB8754000 \SystemRoot\System32\Drivers\a0wd361p.SYS
0xBA5F4000 \SystemRoot\system32\DRIVERS\ASACPI.sys
0xBA488000 \SystemRoot\system32\DRIVERS\fdc.sys
0xB95B7000 \SystemRoot\system32\DRIVERS\serial.sys
0xBA568000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB8740000 \SystemRoot\system32\DRIVERS\parport.sys
0xB95A7000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xBA490000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xBA498000 \??\C:\WINDOWS\system32\drivers\VMkbd.sys
0xBA56C000 \SystemRoot\system32\DRIVERS\usbscan.sys
0xBA5F6000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xBA73B000 \SystemRoot\system32\DRIVERS\audstub.sys
0xBA3D0000 \SystemRoot\system32\DRIVERS\rasirda.sys
0xBA4A0000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB8C82000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA574000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB8729000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB8C72000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB8C62000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB8718000 \SystemRoot\system32\DRIVERS\psched.sys
0xB8C52000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xBA4A8000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xBA4B0000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB8702000 \SystemRoot\system32\DRIVERS\VBoxNetAdp.sys
0xB86D2000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB8C42000 \SystemRoot\system32\DRIVERS\termdd.sys
0xBA338000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xB8692000 \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys
0xBA5F8000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB8634000 \SystemRoot\system32\DRIVERS\update.sys
0xBA594000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xBA598000 \SystemRoot\system32\DRIVERS\vmnetadapter.sys
0xBA59C000 \SystemRoot\system32\DRIVERS\VMNET.SYS
0xB09BF000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xAFB86000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xAC62B000 \SystemRoot\system32\drivers\ADIHdAud.sys
0xAC607000 \SystemRoot\system32\drivers\portcls.sys
0xAEF8B000 \SystemRoot\system32\drivers\drmk.sys
0xAC5E7000 \SystemRoot\system32\drivers\AEAudio.sys
0xAC587000 \SystemRoot\system32\drivers\Senfilt.sys
0xA844F000 \SystemRoot\system32\DRIVERS\NVENETFD.sys
0xB19FC000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xBA658000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xA8055000 \SystemRoot\System32\Drivers\Null.SYS
0xA91D7000 \SystemRoot\System32\Drivers\Beep.SYS
0xB19EC000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xA7C2E000 \SystemRoot\System32\drivers\vga.sys
0xA91D5000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xA91D3000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xA7C26000 \SystemRoot\System32\Drivers\Msfs.SYS
0xA7C1E000 \SystemRoot\System32\Drivers\Npfs.SYS
0xA8290000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xA742B000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA73D2000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA73AA000 \SystemRoot\system32\DRIVERS\netbt.sys
0xA8288000 \SystemRoot\System32\drivers\ws2ifsl.sys
0xA7388000 \SystemRoot\System32\drivers\afd.sys
0xA7E52000 \SystemRoot\system32\DRIVERS\netbios.sys
0xA7E32000 \SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
0xA736D000 \SystemRoot\system32\DRIVERS\VBoxDrv.sys
0xA7C16000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xA7342000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA72D2000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA7E22000 \SystemRoot\System32\Drivers\Fips.SYS
0xA72AC000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xA7E12000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xA7286000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xA8F46000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
0xA77A9000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA7BEE000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xA75AE000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xA7799000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xA7BE6000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xA7779000 \SystemRoot\system32\drivers\usbaudio.sys
0xA75A6000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xA726D000 \SystemRoot\System32\Drivers\dump_nvata.sys
0xA8F40000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xA7592000 \SystemRoot\System32\drivers\Dxapi.sys
0xA78D1000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xBA791000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBF3D8000 \SystemRoot\System32\ATMFD.DLL
0xA5DF8000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xA5DBA000 \SystemRoot\system32\DRIVERS\irda.sys
0xB6822000 \SystemRoot\system32\DRIVERS\vmnetbridge.sys
0xB2AF5000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA5CED000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA7749000 \??\C:\WINDOWS\system32\drivers\hcmon.sys
0xAFB76000 \??\C:\WINDOWS\system32\Drivers\vmci.sys
0xBA66E000 \??\C:\WINDOWS\system32\Drivers\VMparport.sys
0xA5BF5000 \??\C:\WINDOWS\system32\Drivers\vmx86.sys
0xA5B75000 \SystemRoot\system32\DRIVERS\srv.sys
0xBA360000 \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys
0xA5B69000 \??\C:\Programme\VMware\VMware Player\vstor2-ws60.sys
0xA565C000 \SystemRoot\System32\Drivers\HTTP.sys
0xA561F000 \SystemRoot\system32\drivers\wdmaud.sys
0xBA288000 \SystemRoot\system32\drivers\sysaudio.sys
0xA0C29000 \??\C:\DOKUME~1\SEBAST~1\LOKALE~1\Temp\kgtdapoc.sys
0x7C910000 \WINDOWS\system32\ntdll.dll
0x10000000 \Programme\DAEMON Tools Lite\Engine.dll

Processes (total 53):
0 System Idle Process
4 System
1096 C:\WINDOWS\system32\smss.exe
1184 csrss.exe
1208 C:\WINDOWS\system32\winlogon.exe
1252 C:\WINDOWS\system32\services.exe
1264 C:\WINDOWS\system32\lsass.exe
1456 C:\Programme\Avira\AntiVir Desktop\avguard.exe
932 C:\Programme\Avira\AntiVir Desktop\avshadow.exe
1072 C:\WINDOWS\system32\svchost.exe
1140 svchost.exe
840 C:\WINDOWS\system32\svchost.exe
1352 svchost.exe
1936 svchost.exe
284 C:\WINDOWS\system32\spoolsv.exe
328 C:\Programme\Avira\AntiVir Desktop\sched.exe
452 svchost.exe
600 C:\Programme\Avira\AntiVir Desktop\avmailc.exe
1180 C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
1904 C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
1864 C:\WINDOWS\system32\svchost.exe
1968 C:\WINDOWS\system32\svchost.exe
2016 C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
588 C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
684 C:\WINDOWS\system32\nvsvc32.exe
804 C:\WINDOWS\system32\svchost.exe
1516 C:\WINDOWS\system32\svchost.exe
1820 C:\WINDOWS\system32\searchindexer.exe
1688 C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
1680 C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
3784 alg.exe
2752 C:\WINDOWS\explorer.exe
3020 C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
3024 C:\Programme\TortoiseSVN\bin\TSVNCache.exe
2160 C:\Programme\Analog Devices\Core\smax4pnp.exe
700 C:\Programme\Unlocker\UnlockerAssistant.exe
384 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
3880 C:\WINDOWS\ZSSnp211.exe
3440 C:\WINDOWS\Domino.exe
3512 C:\Programme\TortoiseHg\TortoiseHgOverlayServer.exe
2052 C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
2084 C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
1708 C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
1548 C:\Programme\MMTaskbar\MultiMon.exe
472 C:\Programme\Windows Desktop Search\WindowsSearch.exe
3220 C:\Programme\stickies\stickies.exe
2460 C:\WINDOWS\system32\ctfmon.exe
152 C:\Dokumente und Einstellungen\sebastian\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.53\GoogleCrashHandler.exe
5904 C:\Programme\Gemeinsame Dateien\Adobe\Updater5\AdobeUpdater.exe
3464 C:\Programme\Mozilla Firefox\firefox.exe
6424 C:\WINDOWS\system32\searchprotocolhost.exe
7724 searchfilterhost.exe
3860 C:\Dokumente und Einstellungen\sebastian\Desktop\Virenscanner\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGSP2004C, Rev: VM100-50

Size Device Name MBR Status
--------------------------------------------
186 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11


Done!
__________________
Antwort

Themen zu Windows XP Recovery, habe ich alles richtig gemacht?
antivir, dateien, desktop, detected, einstellungen, error, fake, firefox, frage, log, malwarebytes, microsoft, neu, ordner, problem, programm, programme, registry, schwarzer desktop, software, system, system neu, tdss, trojaner, trojaner eingefangen, warnung, windows, windows xp


« Virus mit gleichen Problemen wie bei TR/Kazy.mekml.1 | PC friert was soll ich tuen »


Ähnliche Themen: Windows XP Recovery, habe ich alles richtig gemacht?


  1. Habe ich Probleme mit Laptop, scannen - richtig gemacht? auswertung!
    Log-Analyse und Auswertung - 03.07.2014 (15)
  2. Ich habe einen Trojaner (Logfile gemacht)
    Log-Analyse und Auswertung - 28.08.2013 (11)
  3. GVU Trojaner soweit alles gemacht leider fehlt mir der post
    Plagegeister aller Art und deren Bekämpfung - 29.06.2013 (13)
  4. versuch mit OTL trojaner PUM.UserWLoad und Trojan.Agent zu entfernen.. hoffe habe alles richtig gemacht
    Log-Analyse und Auswertung - 23.06.2013 (3)
  5. kann keine Windows Updates machen alles wird wieder rückgängig gemacht, habe auch die csrss.exe zweimal
    Log-Analyse und Auswertung - 17.03.2013 (21)
  6. ich glaub ich habe einen virus(trojaner>JS/Exploit-Blacole.ht< unter anderen.) sorry habe im ersten thema so ziemlich alles falsch gemacht
    Mülltonne - 21.12.2012 (4)
  7. Verschlüsselungstrojaner auf xp jetzt Vista - alles falsch gemacht
    Plagegeister aller Art und deren Bekämpfung - 25.05.2012 (1)
  8. Smart Fortress 2012 entfernt - habe ich das SAUBER gemacht?
    Plagegeister aller Art und deren Bekämpfung - 06.04.2012 (19)
  9. Nach Recovery wg BKA-Virus startet Windows nicht mehr richtig.
    Plagegeister aller Art und deren Bekämpfung - 14.09.2011 (9)
  10. recovery virus hat alles lahm gelegt
    Log-Analyse und Auswertung - 25.05.2011 (8)
  11. Ständige abstürze aber nur wenn das i-net an ist...habe mal ein log gemacht
    Log-Analyse und Auswertung - 07.03.2011 (1)
  12. Trojaner msa.exe + Dropper a,b,c,d.exe aus Download Paket. Alles richtig gemacht?
    Plagegeister aller Art und deren Bekämpfung - 04.01.2010 (3)
  13. Habe ich etwas falsch gemacht?
    Mülltonne - 31.12.2008 (0)
  14. Recovery CD löscht alles?
    Plagegeister aller Art und deren Bekämpfung - 16.08.2008 (8)
  15. Bitte um Hilfe bei auswertung, habe so was noch nie gemacht. danke
    Log-Analyse und Auswertung - 29.04.2007 (8)
  16. Smitfraud.c alles gemacht,aber immer noch bluescreen
    Plagegeister aller Art und deren Bekämpfung - 12.07.2005 (4)
  17. Aurora Bitte um Hilfe habe schon alles gemacht was ich finden konnte!!
    Log-Analyse und Auswertung - 14.06.2005 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows XP Recovery, habe ich alles richtig gemacht? - Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ - Windows XP Recovery, habe ich alles richtig gemacht?...
Archiv
Du betrachtest: Windows XP Recovery, habe ich alles richtig gemacht? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55