Trojaner-Board - Outlook, Word und Firefox schliessen sich selbständig!Eventuell ein Virus eingefangen?

So ComboFix ist erledigt hier das Log

Combofix Logfile:

Code:

ComboFix 11-03-02.01 - *** 02.03.2011  22:37:12.1.1 - x86

Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1919.1442 [GMT 1:00]

ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\cofi.exe

AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

.
  ADS - WINDOWS: deleted 72 bytes in 1 streams. 
 

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.
 

c:\dokumente und einstellungen\***\Anwendungsdaten\inst.exe

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\1.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\a.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\b.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\c.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\d.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\e.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\f.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\g.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\h.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\i.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\J.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\k.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\l.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\m.xml

c:\dokumente und einstellungen\***\Anwendungsdaten\PriceGong\Data\mru.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\n.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\o.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\p.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\q.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\r.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\s.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\t.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\u.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\v.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\w.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\x.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\y.xml

c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\PriceGong\Data\z.xml
 

.

(((((((((((((((((((((((   Dateien erstellt von 2011-02-02 bis 2011-03-02  ))))))))))))))))))))))))))))))

.
 

2011-03-02 20:35 . 2011-03-02 20:35        --------        d-----w-        c:\programme\Gemeinsame Dateien\Java

2011-03-02 20:08 . 2011-03-02 20:08        --------        d-----w-        c:\windows\Internet Logs

2011-02-28 19:04 . 2011-02-28 19:04        388096        ----a-r-        c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-02-28 19:04 . 2011-02-28 19:04        --------        d-----w-        c:\programme\hjt

2011-02-28 18:40 . 2011-02-28 18:40        --------        d-----w-        c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\Malwarebytes

2011-02-28 18:40 . 2010-12-20 17:09        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys

2011-02-28 18:40 . 2011-02-28 18:40        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes

2011-02-28 18:40 . 2011-02-28 18:40        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware

2011-02-28 18:40 . 2010-12-20 17:08        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys

2011-02-27 17:17 . 2011-02-27 17:17        --------        d-----w-        c:\programme\Gemeinsame Dateien\Skype

2011-02-25 15:02 . 2011-03-02 20:30        25048        ----a-w-        c:\programme\Mozilla Firefox\components\browserdirprovider.dll

2011-02-25 15:02 . 2011-03-02 20:30        140248        ----a-w-        c:\programme\Mozilla Firefox\components\brwsrcmp.dll

2011-02-24 17:03 . 2011-02-24 17:03        --------        d-----w-        c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\CheckPoint

2011-02-24 16:58 . 2011-02-24 16:58        --------        d-----w-        c:\programme\CheckPoint

2011-02-24 16:58 . 2010-06-28 12:00        46592        ----a-w-        c:\windows\system32\vsutil_loc0407.dll

2011-02-19 22:49 . 2011-02-28 18:52        --------        d-----w-        c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\Ytyrb

2011-02-19 22:49 . 2011-02-28 15:24        --------        d-----w-        c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\Ydco

2011-02-16 17:58 . 2009-09-04 16:29        1974616        ----a-w-        c:\windows\system32\D3DCompiler_42.dll

2011-02-16 17:57 . 2009-09-04 16:29        1892184        ----a-w-        c:\windows\system32\D3DX9_42.dll

2011-02-16 17:57 . 2011-02-16 17:57        --------        d-----w-        c:\windows\Logs

2011-02-16 17:57 . 2011-02-24 16:41        --------        d-----w-        c:\programme\Boxee

2011-02-06 14:24 . 2011-02-06 17:29        --------        d-----w-        C:\HDW20_TMP

2011-02-06 14:00 . 2011-02-06 14:00        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Panasonic

2011-02-06 14:00 . 2011-02-06 14:00        --------        d-----w-        c:\dokumente und einstellungen\Dani und Holger\Lokale Einstellungen\Anwendungsdaten\Panasonic

2011-02-06 13:50 . 2006-02-20 18:17        33408        ----a-w-        c:\windows\system32\drivers\cdrbsdrv.sys

2011-02-06 13:50 . 2007-06-15 11:57        59488        ----a-w-        c:\windows\system32\GenSvcInst.exe

2011-02-06 13:50 . 2007-06-15 11:57        145504        ----a-w-        c:\windows\system32\bgsvcgen.exe

2011-02-06 13:50 . 2011-02-06 13:50        --------        d-----w-        c:\programme\Gemeinsame Dateien\Panasonic

2011-02-06 13:50 . 2011-02-06 13:50        --------        d-----w-        c:\programme\Panasonic

2011-02-06 13:49 . 2011-02-06 13:49        --------        d-----w-        c:\programme\Microsoft Synchronization Services

2011-02-06 13:49 . 2011-02-06 13:49        --------        d-----w-        c:\programme\Microsoft SQL Server Compact Edition
 

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-02-02 20:40 . 2010-06-03 20:19        472808        ----a-w-        c:\windows\system32\deployJava1.dll

2011-02-02 18:19 . 2008-03-30 11:18        73728        ----a-w-        c:\windows\system32\javacpl.cpl

2011-01-27 16:15 . 2010-10-30 12:53        307200        ----a-w-        c:\windows\system32\TubeFinder.exe

2010-12-20 12:21 . 2009-03-21 16:43        135096        ----a-w-        c:\windows\system32\drivers\avipbb.sys

.
 

------- Sigcheck -------
 

[-] 2007-12-08 . 8B9C4948BE88BB7DF9CB4709422F6F9F . 3592192 . . [7.00.6000.16608] . . c:\windows\SoftwareDistribution\Download\aee7deba6e651119d2498bdb2b4d46fe\SP2GDR\mshtml.dll

[-] 2007-12-08 . 8B9C4948BE88BB7DF9CB4709422F6F9F . 3592192 . . [7.00.6000.16608] . . c:\windows\system32\mshtml.dll

[-] 2007-12-08 . 8B9C4948BE88BB7DF9CB4709422F6F9F . 3592192 . . [7.00.6000.16608] . . c:\windows\system32\dllcache\mshtml.dll

[-] 2007-12-07 . 3C961503B4078281DCFC65DC4658C08B . 3080192 . . [6.00.2900.3268] . . c:\windows\SoftwareDistribution\Download\5196d7f46900f46bf7afb26dbdeff466\sp2gdr\mshtml.dll

[-] 2007-12-07 . 7A978C65E142C65E349C22E6D7E367E5 . 3593216 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll

[-] 2007-12-07 . 7A978C65E142C65E349C22E6D7E367E5 . 3593216 . . [7.00.6000.20733] . . c:\windows\SoftwareDistribution\Download\aee7deba6e651119d2498bdb2b4d46fe\SP2QFE\mshtml.dll

[-] 2007-12-07 . 35161A288701DCCF7951D9BA647A9F52 . 3087360 . . [6.00.2900.3268] . . c:\windows\SoftwareDistribution\Download\5196d7f46900f46bf7afb26dbdeff466\sp2qfe\mshtml.dll

[7] 2007-12-01 . 3ED4B10AE6142E7A494103A7DC3986F3 . 3087872 . . [6.00.2900.3264] . . c:\windows\ServicePackFiles\i386\mshtml.dll

[-] 2007-10-31 . 5D9F03E82039EB2BACB33370A707A119 . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB944533-IE7\mshtml.dll

[-] 2007-10-31 . 5D9F03E82039EB2BACB33370A707A119 . 3590656 . . [7.00.6000.16587] . . c:\windows\SoftwareDistribution\Download\8d333cb458091558bf955796ab78bb53\SP2GDR\mshtml.dll

[-] 2007-10-30 . D7F894D0F9D7662366D1E0EE6800C771 . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll

[-] 2007-10-30 . D7F894D0F9D7662366D1E0EE6800C771 . 3593216 . . [7.00.6000.20710] . . c:\windows\SoftwareDistribution\Download\8d333cb458091558bf955796ab78bb53\SP2QFE\mshtml.dll

[7] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB942615-IE7\mshtml.dll

[7] 2004-08-04 . CAC51AD576713E5F0CE2251ED3A7FE82 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll
 

[-] 2007-12-07 . BA4D7D3098E2BA8AEA34A19BBECF9962 . 824832 . . [7.00.6000.16608] . . c:\windows\SoftwareDistribution\Download\aee7deba6e651119d2498bdb2b4d46fe\SP2GDR\wininet.dll

[-] 2007-12-07 . BA4D7D3098E2BA8AEA34A19BBECF9962 . 824832 . . [7.00.6000.16608] . . c:\windows\system32\wininet.dll

[-] 2007-12-07 . BA4D7D3098E2BA8AEA34A19BBECF9962 . 824832 . . [7.00.6000.16608] . . c:\windows\system32\dllcache\wininet.dll

[-] 2007-12-07 . 16EF6865A405134CE64A3AA6CEF6C69F . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll

[-] 2007-12-07 . 16EF6865A405134CE64A3AA6CEF6C69F . 825344 . . [7.00.6000.20733] . . c:\windows\SoftwareDistribution\Download\aee7deba6e651119d2498bdb2b4d46fe\SP2QFE\wininet.dll

[-] 2007-12-07 . 84E9262ED72810CFF255BEFD188D4038 . 665088 . . [6.00.2900.3268] . . c:\windows\SoftwareDistribution\Download\5196d7f46900f46bf7afb26dbdeff466\sp2gdr\wininet.dll

[-] 2007-12-07 . 273F4B37B80C8D398713A88B788FE59B . 671744 . . [6.00.2900.3268] . . c:\windows\SoftwareDistribution\Download\5196d7f46900f46bf7afb26dbdeff466\sp2qfe\wininet.dll

[7] 2007-12-01 . 209D7D0B65DF0BCF188F8D4276EB7D3D . 671744 . . [6.00.2900.3264] . . c:\windows\ServicePackFiles\i386\wininet.dll

[-] 2007-10-10 . FA5FA22E6F36F8453E9377810B3F9939 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll

[-] 2007-10-10 . FA5FA22E6F36F8453E9377810B3F9939 . 824832 . . [7.00.6000.16574] . . c:\windows\SoftwareDistribution\Download\8d333cb458091558bf955796ab78bb53\SP2GDR\wininet.dll

[-] 2007-10-10 . 6A1AEF7B9E513ACB566B16B0BA133C7C . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll

[-] 2007-10-10 . 6A1AEF7B9E513ACB566B16B0BA133C7C . 825344 . . [7.00.6000.20696] . . c:\windows\SoftwareDistribution\Download\8d333cb458091558bf955796ab78bb53\SP2QFE\wininet.dll

[7] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB942615-IE7\wininet.dll

[7] 2004-08-04 . B1A1DA99C4A6EBFD59F86A453BF02F39 . 662016 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll
 

[-] 2007-12-06 . 2703D940A62B731AA220529DD7331A78 . 625664 . . [7.00.6000.16608] . . c:\windows\SoftwareDistribution\Download\aee7deba6e651119d2498bdb2b4d46fe\SP2GDR\iexplore.exe

[-] 2007-12-06 . 2703D940A62B731AA220529DD7331A78 . 625664 . . [7.00.6000.16608] . . c:\windows\system32\dllcache\iexplore.exe

[-] 2007-12-06 . 809D17D8FA0FDAEE07778CD821CAFFDE . 625664 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe

[-] 2007-12-06 . 809D17D8FA0FDAEE07778CD821CAFFDE . 625664 . . [7.00.6000.20733] . . c:\windows\SoftwareDistribution\Download\aee7deba6e651119d2498bdb2b4d46fe\SP2QFE\iexplore.exe

[7] 2007-12-01 . 365CDFC2C5AA2FCFD9985805D8623E5E . 93184 . . [6.00.2900.3264] . . c:\windows\ServicePackFiles\i386\iexplore.exe

[-] 2007-10-10 . E854D02E4231F704D9BE782A424E6D8B . 625152 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\iexplore.exe

[-] 2007-10-10 . E854D02E4231F704D9BE782A424E6D8B . 625152 . . [7.00.6000.16574] . . c:\windows\SoftwareDistribution\Download\8d333cb458091558bf955796ab78bb53\SP2GDR\iexplore.exe

[-] 2007-10-10 . 632BDE0179847234433CA50945442ACB . 625664 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe

[-] 2007-10-10 . 632BDE0179847234433CA50945442ACB . 625664 . . [7.00.6000.20696] . . c:\windows\SoftwareDistribution\Download\8d333cb458091558bf955796ab78bb53\SP2QFE\iexplore.exe

[7] 2007-08-13 . DE49B348A18369B4626FBA1D49B07FB4 . 622080 . . [7.00.5730.13] . . c:\windows\ie7updates\KB942615-IE7\iexplore.exe

[7] 2004-08-04 . B39A6AF04A431E317C85BF061719E705 . 93184 . . [6.00.2900.2180] . . c:\windows\ie7\iexplore.exe

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4
 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\programme\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
 

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

2010-10-18 10:26        3908192        ----a-w-        c:\programme\DVDVideoSoftTB\tbDVD0.dll
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\programme\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
 

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\programme\DVDVideoSoftTB\tbDVD0.dll" [2010-10-18 3908192]
 

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="c:\programme\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Hcontrol"="c:\windows\Hcontrol.exe" [2002-01-08 53248]

"Power_Gear"="c:\programme\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]

"ATKHOTKEY"="c:\programme\ATK Hotkey\Hcontrol.exe" [2007-07-12 225280]

"RTHDCPL"="RTHDCPL.EXE" [2007-09-03 16841216]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-16 81920]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-16 8478720]

"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-11-04 281768]

"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-10-03 39792]

"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-10-29 249064]
 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2007-12-01 15360]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"
 

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HD Writer.lnk]

path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\HD Writer.lnk

backup=c:\windows\pss\HD Writer.lnkCommon Startup
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]

c:\programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer [X]
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACU]

2007-05-03 16:42        376921        ----a-w-        c:\programme\Atheros\ACU.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2009-10-03 09:45        39792        ----a-w-        c:\programme\Adobe\Reader 8.0\Reader\reader_sl.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

2008-10-25 10:44        31072        ----a-w-        c:\programme\Microsoft Office\Office12\GrooveMonitor.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]

2010-03-04 13:10        2192672        ----a-w-        d:\programme\Nokia\Ovi Player\NokiaOviPlayer.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2011-01-26 16:05        15026056        ----a-r-        c:\programme\Skype\Phone\Skype.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"LightScribeService"=2 (0x2)

"InCDsrv"=2 (0x2)
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programme\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Programme\\Skype\\Phone\\Skype.exe"=
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

"AllowInboundTimestampRequest"= 1 (0x1)

"AllowInboundMaskRequest"= 1 (0x1)

"AllowInboundRouterRequest"= 1 (0x1)

"AllowOutboundDestinationUnreachable"= 1 (0x1)

"AllowOutboundSourceQuench"= 1 (0x1)

"AllowOutboundParameterProblem"= 1 (0x1)

"AllowOutboundTimeExceeded"= 1 (0x1)

"AllowRedirect"= 1 (0x1)

"AllowOutboundPacketTooBig"= 1 (0x1)
 

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [21.03.2009 17:43 135336]

R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [07.11.2010 19:39 24576]

R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [07.11.2010 19:39 1260672]

S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [01.06.2009 18:09 32377]
 

--- Andere Dienste/Treiber im Speicher ---
 

*NewlyCreated* - JAVAQUICKSTARTERSERVICE
 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12        REG_MULTI_SZ           Pml Driver HPZ12 Net Driver HPZ12

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050

IE: Free YouTube Download - c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm

IE: Free YouTube to Mp3 Converter - c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm

IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000

FF - ProfilePath - c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\Mozilla\Firefox\Profiles\yf2h6dxp.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - Ext: British English Dictionary: en-GB@dictionaries.addons.mozilla.org - %profile%\extensions\en-GB@dictionaries.addons.mozilla.org

FF - Ext: United States English Spellchecker: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org

FF - Ext: Dizionario italiano: it-IT@dictionaries.addons.mozilla.org - %profile%\extensions\it-IT@dictionaries.addons.mozilla.org

FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension

FF - Ext: Java Quick Starter: jqs@sun.com - c:\programme\Java\jre6\lib\deploy\jqs\ff

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -
 

BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

MSConfigStartUp-Acronis Scheduler2 Service - c:\programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe

MSConfigStartUp-AcronisTimounterMonitor - c:\programme\Acronis\TrueImageHome\TimounterMonitor.exe

MSConfigStartUp-ASUS Live Update - c:\programme\ASUS\ASUS Live Update\ALU.exe

MSConfigStartUp-InCD - c:\programme\Nero\Nero 7\InCD\InCD.exe

MSConfigStartUp-NeroFilterCheck - c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe

MSConfigStartUp-PCSuiteTrayApplication - c:\programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe

MSConfigStartUp-SunJavaUpdateSched - c:\programme\Java\jre6\bin\jusched.exe

MSConfigStartUp-TrueImageMonitor - c:\programme\Acronis\TrueImageHome\TrueImageMonitor.exe

MSConfigStartUp-{AE8C5660-6896-6698-C72B-73DA2A7DA810} - c:\dokumente und einstellungen\Dani und Holger\Anwendungsdaten\Ytyrb\asihy.exe
 
 
 

**************************************************************************
 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2011-03-02 22:40

Windows 5.1.2600 Service Pack 3, v.3264 NTFS
 

Scanne versteckte Prozesse... 
 

Scanne versteckte Autostarteinträge... 
 

Scanne versteckte Dateien... 
 

Scan erfolgreich abgeschlossen

versteckte Dateien: 0
 

**************************************************************************

.

Zeit der Fertigstellung: 2011-03-02  22:42:18

ComboFix-quarantined-files.txt  2011-03-02 21:42
 

Vor Suchlauf: 10 Verzeichnis(se), 14.538.567.680 Bytes frei

Nach Suchlauf: 13 Verzeichnis(se), 14.522.417.152 Bytes frei
 

WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /noguiboot
 

- - End Of File - - 3E66746B23FA400BDCF452C5C2412873

--- --- ---

Hallo Arne,

hier die gewünschten Daten.

GMER:

GMER Logfile:

Code:

GMER 1.0.15.15530 - hxxp://www.gmer.net

Rootkit scan 2011-03-02 23:45:22

Windows 5.1.2600 Service Pack 3, v.3264 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e ST9120822AS rev.3.ALC

Running: qgu09epx.exe; Driver: C:\DOKUME~1\DANIUN~1\LOKALE~1\Temp\kxtdrpob.sys
 
 

---- System - GMER 1.0.15 ----
 

SSDT            BAF70026                                                                       ZwCreateKey

SSDT            BAF7001C                                                                       ZwCreateThread

SSDT            BAF7002B                                                                       ZwDeleteKey

SSDT            BAF70035                                                                       ZwDeleteValueKey

SSDT            BAF7003A                                                                       ZwLoadKey

SSDT            BAF70008                                                                       ZwOpenProcess

SSDT            BAF7000D                                                                       ZwOpenThread

SSDT            BAF70044                                                                       ZwReplaceKey

SSDT            BAF7003F                                                                       ZwRestoreKey

SSDT            BAF70030                                                                       ZwSetValueKey
 

Code            \??\C:\DOKUME~1\DANIUN~1\LOKALE~1\Temp\catchme.sys                             pIofCallDriver
 

---- Kernel code sections - GMER 1.0.15 ----
 

.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                       section is writeable [0xB9B1B360, 0x305987, 0xE8000020]

?               C:\WINDOWS\system32\Drivers\PROCEXP113.SYS                                     Das System kann die angegebene Datei nicht finden. !

?               C:\DOKUME~1\DANIUN~1\LOKALE~1\Temp\catchme.sys                                 Das System kann die angegebene Datei nicht finden. !
 

---- Devices - GMER 1.0.15 ----
 

Device          \FileSystem\Fastfat \Fat                                                       B2DA5D20
 

AttachedDevice  \FileSystem\Fastfat \Fat                                                       fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
 

---- Registry - GMER 1.0.15 ----
 

Reg             HKLM\SYSTEM\ControlSet001\Control\Session Manager@PendingFileRenameOperations  ???$?#???????????@???????????????*??????????????????????????????????????????{17CCA71B-ECD7-11D0-B908-00A0C9223196}??t????%???????????????????????s???????????%???????????s??????????????????????????#??*?????%??????????????? ???????????????????%?!??????????ex&????????????????????l???????????c???y??? ???????????????????%?!????????2?l.&????????????????????u????2??%???p??r.??Abtastratenkonvertierung?d???????????c???y???%?%dl??? ???????????????????%?!??????????,n&????????????????????c???????%???c??,n??SuperMix?????????????n???y???%?%,n??? ???????????????????%?!??????????vd&????????????????????,???????%???m??vr??Multiplexer?a.???????????h???y???%?%.h??? ???????????????????%?!??????????.c&????????????????????e???????%???e??ll??Demultiplexer????????????p???y???%?%vd??? ???????????????????%?!??????????vr&????????????????????v???????%???w??el??Summe????????????v???y???%?%,n??? ???????????????????%?!??????????nv&????????????????????p???????%???l??nv??Stummschaltung?ng.???????????.???y???%?%ng??? ???????????????????%?!???
 

---- EOF - GMER 1.0.15 ----

--- --- ---

OSAM:

OSAM Logfile:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0

hxxp://www.online-solutions.ru/en/

Saved at 19:11:42 on 04.03.2011
 

OS: Windows XP Home Edition Service Pack 3, v.3264 (Build 2600)

Default Browser: Mozilla Corporation Firefox 3.6.14
 

Scanner Settings

[x] Rootkits detection (hidden registry)

[x] Rootkits detection (hidden files)

[x] Retrieve files information

[x] Check Microsoft signatures
 

Filters

[ ] Trusted entries

[ ] Empty entries

[x] Hidden registry entries (rootkit activity)

[x] Exclusively opened files

[x] Not found files

[x] Files without detailed information

[x] Existing files

[ ] Non-startable services

[ ] Non-startable drivers

[x] Active entries

[x] Disabled entries
 
 

[Control Panel Objects]

-----( %SystemRoot%\system32 )-----

"inetcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcpl.cpl

"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl

"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl

"nvcpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.cpl

"nvtuicpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvtuicpl.cpl

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----

"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl

"Avira AntiVir PersonalEdition Classic " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl

"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\MLCFG32.CPL

"Nero BurnRights" - "Nero AG" - C:\Programme\Nero\Nero 9\Nero BurnRights\NeroBurnRights_cpl.cpl
 

[Drivers]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"ASNDIS5 Protocol Driver" (ASNDIS5) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\PROGRA~1\ATKHOT~1\ASNDIS5.SYS

"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys

"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys

"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys

"BVRPMPR5 NDIS Protocol Driver" (BVRPMPR5) - "BVRP Software" - C:\WINDOWS\system32\drivers\BVRPMPR5.SYS

"catchme" (catchme) - ? - C:\DOKUME~1\DANIUN~1\LOKALE~1\Temp\catchme.sys  (File not found)

"cdrbsdrv" (cdrbsdrv) - "B.H.A Corporation" - C:\WINDOWS\system32\drivers\cdrbsdrv.sys

"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)

"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)

"Keyboard Filter" (kbfiltr) - " " - C:\WINDOWS\System32\DRIVERS\kbfiltr.sys

"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)

"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)

"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)

"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)

"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)

"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)

"PnkBstrK" (PnkBstrK) - ? - C:\WINDOWS\system32\drivers\PnkBstrK.sys  (File found, but it contains no detailed information)

"PRODIGY" (PRODIGY) - "B-phreaks" - C:\WINDOWS\System32\Drivers\PRODIGY.SYS

"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys

"Redirector für WebDav-Client" (MRxDAV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxdav.sys

"Sony Ericsson W800 driver (WDM)" (w800bus) - "MCCI" - C:\WINDOWS\System32\DRIVERS\w800bus.sys

"Sony Ericsson W800 USB WMC Device Management Drivers" (w800mgmt) - "MCCI" - C:\WINDOWS\System32\DRIVERS\w800mgmt.sys

"Sony Ericsson W800 USB WMC Modem Drivers" (w800mdm) - "MCCI" - C:\WINDOWS\System32\DRIVERS\w800mdm.sys

"Sony Ericsson W800 USB WMC Modem Filter" (w800mdfl) - "MCCI" - C:\WINDOWS\System32\DRIVERS\w800mdfl.sys

"Sony Ericsson W800 USB WMC OBEX Interface Drivers" (w800obex) - "MCCI" - C:\WINDOWS\System32\DRIVERS\w800obex.sys

"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys

"StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys  (File not found)

"VSO Software pcouffin" (pcouffin) - "VSO Software" - C:\WINDOWS\System32\Drivers\pcouffin.sys

"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
 

[Explorer]

-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----

<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} "IE7 Uninstall Stub" - "Microsoft Corporation" - C:\WINDOWS\system32\ieudinit.exe

{6BF52A52-394A-11d3-B153-00C04F79FAA6} "Microsoft Windows Media Player" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub

{44BBA842-CC51-11CF-AAFA-00AA00B6015B} "NetMeeting 3.01" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

{5945c046-1e7d-11d1-bc44-00c04fd912be} "Windows Messenger 4.7" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----

{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll

-----( HKLM\Software\Classes\Protocols\Filter )-----

{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} "AP Class Install Handler filter" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{8f6b0360-b80d-11d0-a9b3-006097942311} "AP encoding/decoding Filters" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

-----( HKLM\Software\Classes\Protocols\Handler )-----

{3dd53d40-7b8b-11D0-b013-00aa0059ce02} "CDL: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{79eac9e3-baf9-11ce-8c82-00aa004ba90b} "ftp: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{79eac9e4-baf9-11ce-8c82-00aa004ba90b} "gopher: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{79eac9e2-baf9-11ce-8c82-00aa004ba90b} "http: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{79eac9e5-baf9-11ce-8c82-00aa004ba90b} "https: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll

{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL

{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll

{3050F406-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML About Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll

{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll

{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll

{3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Mailto Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll

{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll

{76E67A63-06E9-11D2-A840-006008059382} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll

{79eac9e6-baf9-11ce-8c82-00aa004ba90b} "mk: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler )-----

{438755C2-A8BA-11D1-B96B-00A0C90312E1} "Browseui preloader" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{8C7461EF-2B13-11d2-BE35-3078302C2030} "Component Categories cache daemon" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----

{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----

{01E04581-4EEE-11d0-BFE9-00AA005B4383} "&Adresse" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{F2CF5485-4E02-4f68-819C-B92DE9277049} "&Links" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{7e653215-fa25-46bd-a339-34a2790f3cb7} "Accessible" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{88C6C381-2E85-11D0-94DE-444553540000} "ActiveX Cache Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\occache.dll

{A08C11D2-A228-11d0-825B-00AA005B4383} "Address EditBox" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{91EA3F8B-C99B-11d0-9815-00C04FD91972} "Augmented Shell Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{6413BA2C-B461-11d1-A18A-080036B11A03} "Augmented Shell Folder 2" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} "Ausführen..." - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{F61FFEC1-754F-11d0-80CA-00AA005B4383} "BandProxy" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{67EA19A0-CCEF-11d0-8024-00C04FD75D13} "CDF Extension Copy Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{7D559C10-9FE9-11d0-93F7-00AA0059CE02} "Code Download Agent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll

{E6CC6978-6B6E-11D0-BECA-00C04FD940BE} "ConnectionAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll

{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)

{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} "Custom MRU AutoCompleted List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll

{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll

{22BF0C20-6DA7-11D0-B373-00A0C9034938} "Download Status" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} "E-Mail" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{EFA24E64-B078-11d0-89E4-00C04FC9E26E} "Explorer-Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{EFA24E61-B078-11d0-89E4-00C04FC9E26E} "Favorites Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "Global Folder Settings" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} "Hilfe und Support" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{FF393560-C2A7-11CF-BFF4-444553540000} "History" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{3028902F-6374-48b2-8DC6-9725E775B926} "IE AutoComplete" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{73CFD649-CD48-4fd8-A272-2070EA56526B} "IE BandProxy" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} "IE Custom MRU AutoCompleted List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{1C1EDB47-CE22-4bbb-B608-77B48F83C823} "IE Fade Task" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{6CF48EF8-44CD-45d2-8832-A16EA016311B} "IE IShellFolderBand" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{4B78D326-D922-44f9-AF2A-07805C2A3560} "IE Menu Band" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{205D7A97-F16D-4691-86EF-F3075DCCA57D} "IE Menu Desk Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{44C76ECD-F7FA-411c-9929-1B77BA77F524} "IE Menu Site" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{07C45BB1-4A8C-4642-A1F5-237E7215FF66} "IE Microsoft BrowserBand" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{6038EF75-ABFC-4e59-AB6F-12D397F6568D} "IE Microsoft History AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{B31C5FAE-961F-415b-BAF0-E697A5178B94} "IE Microsoft Multiple AutoComplete List Container" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} "IE Microsoft Shell Folder AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} "IE MRU AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{43886CD5-6529-41c4-A707-7B3C92C05E68} "IE Navigation Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} "IE Registry Tree Options Utility" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} "IE RSS Feeds Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{30D02401-6A81-11d0-8274-00C04FD5AE38} "IE Search Band" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{E6EE9AAC-F76B-4947-8260-A9F136138E11} "IE Shell Band Site Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} "IE Shell Rebar BandSite" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} "IE Tracking Shell Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} "IE4 Suite-Begrüßungsbildschirm" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{169A0691-8DF9-11d1-A1C4-00C04FD75D13} "In-pane search" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} "Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{871C5380-42A0-1069-A2EA-08002B30309D} "Internet Name Space" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{FBF23B40-E3F0-101B-8488-00AA003E56F8} "Internet Shortcut" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{131A6951-7F78-11D0-A979-00C04FD705A2} "ISFBand OC" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)

{00BB2763-6A77-11D0-A535-00C04FD7D062} "Microsoft AutoComplete" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{A5E46E3A-8849-11D1-9D8C-00C04FC99D61} "Microsoft Browser Architecture" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} "Microsoft Browser Architecture" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{7BA4C742-9E81-11CF-99D3-00AA004AE837} "Microsoft BrowserBand" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{00BB2764-6A77-11D0-A535-00C04FD7D062} "Microsoft History AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{5E6AB780-7743-11CF-A12B-00AA004AE837} "Microsoft Internet Toolbar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{00BB2765-6A77-11D0-A535-00C04FD7D062} "Microsoft Multiple AutoComplete List Container" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\msohevi.dll

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll

{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\ONFILTER.DLL

{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\MLSHEXT.DLL

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll

{03C036F1-A186-11D0-824A-00AA005B4383} "Microsoft Shell Folder AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{3C374A40-BAE4-11CF-BF7D-00AA006946EE} "Microsoft Url History Service" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{CFBFAE00-17A6-11D0-99CB-00C04FD64497} "Microsoft Url Search Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{6756A641-DE71-11d0-831B-00AA005B4383} "MRU AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Programme\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll

{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll

{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\OLKFSTUB.DLL

{D8BD2030-6FC9-11D0-864F-00AA006809D9} "PostAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll

{AF4F6510-F982-11d0-8595-00AA004CD6D8} "Registry Tree Options Utility" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{D20EA4E1-3957-11d2-A40B-0C5020524152} "Schriftarten" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{9461b922-3c5a-11d2-bf8b-00c04fb93661} "Search Assistant OC" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} "Set Program Access and Defaults" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{0A89A860-D7B1-11CE-8350-444553540000} "Shell Automation Inproc Service" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{ECD4FC4E-521C-11D0-B792-00A0C90312E1} "Shell Band Site Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{ECD4FC4C-521C-11D0-B792-00A0C90312E1} "Shell DeskBar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{3CCF8A41-5C85-11d0-9796-00AA00B90ADF} "Shell DeskBarApp" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} "Shell DocObject Viewer" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll

{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll

{ECD4FC4D-521C-11D0-B792-00A0C90312E1} "Shell Rebar BandSite" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{21569614-B795-46b1-85F4-E737A8DC09AD} "Shell Search Band" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)

{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll

{F5175861-2688-11d0-9C5E-00AA00A45957} "Subscription Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll

{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} "Subscription Mgr" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll

{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} "Suchen" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{7BD29E00-76C1-11CF-9DD0-00A0C9034933} "Temporary Internet Files" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{7BD29E01-76C1-11CF-9DD0-00A0C9034933} "Temporary Internet Files" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} "The Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

{acf35015-526e-4230-9596-becbe19f0ac9} "Track Popup Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} "TrayAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll

{7376D660-C583-11d0-A3A5-00C04FD706EC} "TridentImageExtractor" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{DD313E04-FEFF-11d1-8ECD-0000F87A470C} "User Assist" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{D20EA4E1-3957-11d2-A40B-0C5020524153} "Verwaltung" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL

{07798131-AF23-11d1-9111-00A0C98BA67D} "Web Search" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll

{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} "WebCheck SyncMgr Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll

{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} "WebCheckChannelAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll

{08165EA0-E946-11CF-9C87-00AA005127ED} "WebCheckWebCrawler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll

{45670FA8-ED97-4F44-BC93-305082590BFB} "Windows XPS Document Metadata Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL

{44121072-A222-48f2-A58A-6D9AD51EBBE9} "Windows XPS Document Thumbnail Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL

{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} "Windows-Sicherheit" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)

InCDUdfPerm extension "{B3D9AEDE-B2C3-406d-A254-6BE07767B08B}" - ? -   (File not found | COM-object registry key not found)

InCDShellExt extension "{CAE3251E-9B15-4810-B268-852AD9792A59}" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----

{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll
 

[Internet Explorer]

-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----

{EFA24E64-B078-11D0-89E4-00C04FC9E26E} "Explorer-Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----

<binary data> "&Adresse" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll

<binary data> "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoftTB\tbDVD0.dll

<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)

<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)

<binary data> "{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}" - ? -   (File not found | COM-object registry key not found)

<binary data> "{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}" - ? -   (File not found | COM-object registry key not found)

-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----

{872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoftTB\tbDVD0.dll

{CFBFAE00-17A6-11D0-99CB-00C04FD64497} "Microsoft Url Search Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\ieframe.dll

-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----

{0D41B8C5-2599-4893-8183-00195EC8D5F9} "asusTek_sysctrl Class" - ? - C:\WINDOWS\DOWNLO~1\ASUSTE~1.DLL / hxxp://support.asus.com/common/asusTek_sys_ctrl.cab

{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} "MUWebControl Class" - "Microsoft Corporation" - C:\WINDOWS\system32\muweb.dll / hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1266236137312

{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx / hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

{00000055-9980-0010-8000-00AA00389B71} "{00000055-9980-0010-8000-00AA00389B71}" - ? -   (File not found | COM-object registry key not found) / hxxp://download.microsoft.com/download/A/7/D/A7D1EBE3-8E78-4CBE-B22B-EEECF9E3A1BC/fhg.CAB

{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} "{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE}" - ? -   (File not found | COM-object registry key not found) / hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----

{4D5C8C25-D075-11d0-B416-00C04FB90376} "&Tipps und Tricks" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----

{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Plug-In" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----

{872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoftTB\tbDVD0.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

{872b5b88-9db5-4310-bdd0-ac189557e5f5} "DVDVideoSoftTB Toolbar" - "Conduit Ltd." - C:\Programme\DVDVideoSoftTB\tbDVD0.dll

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll

{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Plug-In" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

{30F9B915-B755-4826-820B-08FBA6BD249D} "{30F9B915-B755-4826-820B-08FBA6BD249D}" - ? -   (File not found | COM-object registry key not found)
 

[Known DLLs]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )-----

"oleaut32" - "Microsoft Corporation" - C:\WINDOWS\system32\oleaut32.dll

"url" - "Microsoft Corporation" - C:\WINDOWS\system32\url.dll

"urlmon" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll

"wininet" - "Microsoft Corporation" - C:\WINDOWS\system32\wininet.dll
 

[Logon]

-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----

"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini

-----( %UserProfile%\Startmenü\Programme\Autostart )-----

"desktop.ini" - ? - C:\Dokumente und Einstellungen\Dani und Holger\Startmenü\Programme\Autostart\desktop.ini

-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----

"SpybotSD TeaTimer" - "Safer Networking Limited" - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----

"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"

"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"ATKHOTKEY" - "ATK0100" - "C:\Programme\ATK Hotkey\Hcontrol.exe"  (File is exclusively opened, access blocked)

"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min

"Power_Gear" - "ASUSTeK Computer Inc." - C:\Programme\ASUS\Power4 Gear\BatteryLife.exe 1

"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
 

[Network Providers]

-----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )-----

"Atheros Wireless LAN" - ? - C:\WINDOWS\system32\athgina.dll  (File not found)
 

[Print Monitors]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----

"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\msonpmon.dll
 

[Services]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

"Atheros-Konfigurationsdienst" (ACS) - "Atheros" - C:\WINDOWS\system32\acs.exe

"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe

"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe

"B's Recorder GOLD Library General Service" (bgsvcgen) - "B.H.A Corporation" - C:\WINDOWS\system32\bgsvcgen.exe

"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe

"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe

"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE

"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe

"Nero BackItUp Scheduler 4.0" (Nero BackItUp Scheduler 4.0) - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe

"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\WINDOWS\system32\HPZinw12.dll

"NMIndexingService" (NMIndexingService) - ? - "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe"  (File not found)

"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE

"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\WINDOWS\system32\HPZipm12.dll

"ServiceLayer" (ServiceLayer) - "Nokia" - C:\Programme\PC Connectivity Solution\ServiceLayer.exe

"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
 

[Winlogon]

-----( HKCU\Control Panel\IOProcs )-----

"MVB" - ? - mvfs32.dll  (File not found)

-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----

{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll  (File not found)
 

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

MBRCHECK:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3, v.3264 (build 2600)
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 120):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806D0000 \WINDOWS\system32\hal.dll
0xBADA8000 \WINDOWS\system32\KDCOM.DLL
0xBACB8000 \WINDOWS\system32\BOOTVID.dll
0xBA778000 ACPI.sys
0xBADAA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xBA767000 pci.sys
0xBA8A8000 isapnp.sys
0xBACBC000 compbatt.sys
0xBACC0000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xBAE70000 pciide.sys
0xBAB28000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xBA8B8000 MountMgr.sys
0xBA748000 ftdisk.sys
0xBACC4000 ACPIEC.sys
0xBAE71000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xBAB30000 PartMgr.sys
0xBA8C8000 VolSnap.sys
0xBA730000 atapi.sys
0xBA8D8000 disk.sys
0xBA8E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xBA710000 fltmgr.sys
0xBA6FE000 sr.sys
0xBA8F8000 PxHelp20.sys
0xBA6E7000 KSecDD.sys
0xBA6D4000 WudfPf.sys
0xBA647000 Ntfs.sys
0xBA61A000 NDIS.sys
0xBA600000 Mup.sys
0xBADB2000 \SystemRoot\system32\DRIVERS\ATKACPI.sys
0xBAA08000 \SystemRoot\system32\DRIVERS\AmdPPM.sys
0xBAA18000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xBADB4000 \SystemRoot\system32\DRIVERS\kbfiltr.sys
0xBABB0000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xBABB8000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xBAD48000 \SystemRoot\system32\DRIVERS\nvsmu.sys
0xBABC0000 \SystemRoot\system32\DRIVERS\usbohci.sys
0xBA594000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xBABC8000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xBAA28000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBAA38000 \SystemRoot\System32\Drivers\cdrbsdrv.SYS
0xBAA48000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBAA58000 \SystemRoot\system32\DRIVERS\redbook.sys
0xBA571000 \SystemRoot\system32\DRIVERS\ks.sys
0xBA54B000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xBAA68000 \SystemRoot\system32\DRIVERS\nvnetbus.sys
0xBA468000 \SystemRoot\system32\DRIVERS\NVNRM.SYS
0xBA1A2000 \SystemRoot\system32\DRIVERS\athw.sys
0xB9B1B000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB9B07000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xBAD5C000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xBAFB5000 \SystemRoot\system32\DRIVERS\audstub.sys
0xBAAC8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBAD60000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB9AF0000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xBAAD8000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xBAAE8000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xBABE8000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB9A3F000 \SystemRoot\system32\DRIVERS\psched.sys
0xBAAF8000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xBABF0000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xBABF8000 \SystemRoot\system32\DRIVERS\raspti.sys
0xBAB08000 \SystemRoot\system32\DRIVERS\termdd.sys
0xBADC0000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB99E6000 \SystemRoot\system32\DRIVERS\update.sys
0xBAD74000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xBAB18000 \SystemRoot\system32\DRIVERS\wsimd.sys
0xBA938000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xBA948000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xBADC8000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xBA9A8000 \SystemRoot\system32\DRIVERS\NVENETFD.sys
0xB628D000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xB626B000 \SystemRoot\system32\drivers\portcls.sys
0xBA9F8000 \SystemRoot\system32\drivers\drmk.sys
0xB617B000 \SystemRoot\system32\DRIVERS\smserial.sys
0xBAC30000 \SystemRoot\System32\Drivers\Modem.SYS
0xB67D6000 \SystemRoot\system32\drivers\MODEMCSA.sys
0xBADFA000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBAF7D000 \SystemRoot\System32\Drivers\Null.SYS
0xBADFC000 \SystemRoot\System32\Drivers\Beep.SYS
0xBAC80000 \SystemRoot\System32\drivers\vga.sys
0xBADFE000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xBAE00000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xBAC88000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBAC90000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB67CA000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB60DB000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB6082000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB605A000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB6038000 \SystemRoot\System32\drivers\afd.sys
0xBAA88000 \SystemRoot\system32\DRIVERS\netbios.sys
0xBAC98000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xB5F6D000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB5ED5000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB9AE0000 \SystemRoot\System32\Drivers\Fips.SYS
0xB5EAF000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB9AD0000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB5E89000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xBAE04000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
0xB9AA0000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB9A90000 \SystemRoot\system32\drivers\RTSTOR.SYS
0xB5D55000 \SystemRoot\System32\Drivers\StkCMini.sys
0xB5189000 \SystemRoot\System32\Drivers\StkCPipe.sys
0xB5171000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xBAE12000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB684A000 \SystemRoot\System32\drivers\Dxapi.sys
0xBAB88000 \SystemRoot\System32\watchdog.sys
0xBF9C3000 \SystemRoot\System32\drivers\dxg.sys
0xBAEBF000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF9D5000 \SystemRoot\System32\nv4_disp.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xB4453000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xB442F000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB411E000 \SystemRoot\system32\drivers\wdmaud.sys
0xB426B000 \SystemRoot\system32\drivers\sysaudio.sys
0xB4004000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xB3D0A000 \SystemRoot\system32\DRIVERS\srv.sys
0xB3B83000 \??\C:\PROGRA~1\ATKHOT~1\ASNDIS5.SYS
0x7C910000 \WINDOWS\system32\ntdll.dll

Processes (total 46):
0 System Idle Process
4 System
880 C:\WINDOWS\system32\smss.exe
972 csrss.exe
996 C:\WINDOWS\system32\winlogon.exe
1040 C:\WINDOWS\system32\services.exe
1052 C:\WINDOWS\system32\lsass.exe
1212 C:\WINDOWS\system32\svchost.exe
1268 svchost.exe
1308 C:\WINDOWS\system32\svchost.exe
1336 C:\WINDOWS\system32\svchost.exe
1512 svchost.exe
1744 C:\WINDOWS\explorer.exe
1924 C:\WINDOWS\system32\spoolsv.exe
1960 C:\WINDOWS\system32\acs.exe
1984 C:\Programme\Avira\AntiVir Desktop\sched.exe
136 C:\Programme\Avira\AntiVir Desktop\avguard.exe
448 svchost.exe
564 C:\WINDOWS\Hcontrol.exe
644 C:\Programme\ASUS\Power4 Gear\BatteryLife.exe
652 C:\Programme\ATK Hotkey\HControl.exe
676 C:\WINDOWS\RTHDCPL.EXE
696 C:\WINDOWS\system32\rundll32.exe
908 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
916 C:\WINDOWS\ATKOSD.exe
932 C:\Programme\Avira\AntiVir Desktop\avshadow.exe
1524 C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
1540 C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
1888 C:\Programme\Java\jre6\bin\jqs.exe
1368 C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
344 C:\WINDOWS\system32\svchost.exe
392 C:\WINDOWS\system32\nvsvc32.exe
404 C:\WINDOWS\system32\svchost.exe
460 C:\WINDOWS\system32\svchost.exe
560 C:\WINDOWS\system32\StkCSrv.exe
2280 C:\WINDOWS\system32\wbem\wmiapsrv.exe
2360 C:\Programme\ATK Hotkey\KBFiltr.exe
2428 C:\WINDOWS\system32\wscntfy.exe
2444 C:\Programme\ATK Hotkey\WDC.exe
2456 alg.exe
2724 wmiprvse.exe
2340 C:\WINDOWS\system32\ctfmon.exe
2112 C:\Programme\Mozilla Firefox\firefox.exe
2824 C:\Programme\Mozilla Firefox\plugin-container.exe
3860 C:\Dokumente und Einstellungen\Dani und Holger\Desktop\osam.exe
2684 C:\Dokumente und Einstellungen\Dani und Holger\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000001`b5900000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000000f`aee00000 (NTFS)

PhysicalDrive0 Model Number: ST9120822AS, Rev: 3.ALC

Size Device Name MBR Status
--------------------------------------------
111 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11

Done!

Gruß

Holger