die startmelodie stotter und...

kasperhauser · 29.06.2010

mein Laptop braucht seit kurzem voll lange bis er hoch gefahren ist. Ab dem Windows Zeichen bestimmt 3min bis zum Willkommen Bildschirm. und die startmelodie ist verzerrt oder stottert.
brauche unbedingt Hilfe!!!!
die autostart habe ich schon überprüft. und mit tuneup 2010 das System bereinigt. hat aber alles nicht geholfen.

bitte um Rat

balsam60 · 29.06.2010

C:\Dokumente und Einstellungen\Benutzer\Lokale Einstellungen\Temp

Temp schon überprüft und geleert

PCDpan_fee · 29.06.2010

Systemsteuerung - Sounds und Audiogeräte - Registrierkarte Sounds - runterscrollen auf Windows starten und mit der Maus markieren, so das der Eintrag blau hinterlegt ist, ganz unten auf Sounds klicken und in der aufklappenden Liste nach oben scrollen und (Kein) wählen.

pan_fee

kasperhauser · 30.06.2010

balsam60 schrieb:
C:\Dokumente und Einstellungen\Benutzer\Lokale Einstellungen\Temp

Temp schon überprüft und geleert

ja die temp habe ich bereinigt!
ich weiß absolut nicht woran es hängen könnte. Weil er vor 2wochen noch richtig fix war. Virenscann habe ich auch durchgeführt. Auch was gefunden und bereinigt!
:'( :'( :'( :'( :'( :'(

kasperhauser · 30.06.2010

PCDpan_fee schrieb:
Systemsteuerung - Sounds und Audiogeräte - Registrierkarte Sounds - runterscrollen auf Windows starten und mit der Maus markieren, so das der Eintrag blau hinterlegt ist, ganz unten auf Sounds klicken und in der aufklappenden Liste nach oben scrollen und (Kein) wählen.

pan_fee

es geht ja nicht nur drum das die melodie verzerrt ist, sondern das mein laptop auf einmal voll langsam hoch fährt. ab dem xp zeichen bestimmt 3min!

PCDpan_fee · 30.06.2010

wenn der Sound kaputt ist kann Windows sehr wohl Probleme haben mit dem Start.

kasperhauser schrieb:
Virenscann habe ich auch durchgeführt. Auch was gefunden und bereinigt!

da haben wir ja den (evtl.) Übeltäter ....

pan_fee

schrauber · 01.07.2010

hi,

was wurde vom Virenscanner gefunden und wo?

http://www.wintotal-forum.de/index.php/topic,147847.0.html#post_otl
Lade bitte OTL und lass es nach Anleitung laufen. Es enstehen 2 logfiles.

http://www.wintotal-forum.de/index.php/topic,147847.0.html#post_gm
Lade bitte Gmer und lass es nach Anleitung laufen, es ensteht ein logfile.

Poste bitte alle logfiles hier in den thread. Benutze bitte den spoiler-tag um sie zu posten!
http://www.wintotal-forum.de/index.php/topic,156218.0.html

kasperhauser · 04.07.2010

hi,
wollte hier die logfile in einem einsetzen, geht aber leider nicht. Ist viel zu lang überschreitet die 20000 Zeichen. ich könnte dir sie ja als Mail schicken!?

Die Viren die ich gefunden habe: TR/Crypt ZPACK Gem
SPR/Tool NETCAT. B

eos · 04.07.2010

http://www.wintotal-forum.de/index.php/topic,156218.0.html

bitte das versuchen

kasperhauser · 04.07.2010

ich habe das gemacht mit spoiler tag
trotzdem wenn ich das Thema schreiben will,sagt er mir das es soviel Zeichen sind.[br][br]Erstellt am: 04.07.10 um 17:18:20

[br]

kasperhauser schrieb:
ich habe das gemacht mit spoiler tag
trotzdem wenn ich das Thema schreiben will,sagt er mir das es soviel Zeichen sind.

immer wieder bekomme ich das angezeigt Fehler beim Schreiben des Beitrags.
Beitrag hat die max. Länge erreicht (20000 Zeichen).

wenn ich das mit spoiler tag machen will! :|

PCDpan_fee · 05.07.2010

dann teile das Loglile auf 2, 3 oder 4 Postings auf.

pan_fee

kasperhauser · 05.07.2010

ok, dann mache ich das doch!

OTL logfile created on: 04.07.2010 16:21:23 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Dokumente und Einstellungen\unsere liebe\Eigene Dateien\Meine empfangenen Dateien
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

502,00 Mb Total Physical Memory | 101,00 Mb Available Physical Memory | 20,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 55,88 Gb Total Space | 11,61 Gb Free Space | 20,78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANGEL
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (All) ==========

PRC - C:\Dokumente und Einstellungen\unsere liebe\Eigene Dateien\Meine empfangenen Dateien\OTL.exe (OldTimer Tools)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\WINDOWS\system32\services.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [RPCSS] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [NETSVCS] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [LOCALSERVICE] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\svchost.exe [BTHSVCS] (Microsoft Corporation)
PRC - C:\WINDOWS\system32\smss.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\alg.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
PRC - C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
PRC - C:\Addon\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
PRC - C:\Programme\Fujitsu\BtnHnd\BtnHnd.exe (FUJITSU LIMITED)
PRC - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)
PRC - C:\WINDOWS\system32\LEXPPS.EXE (Lexmark International, Inc.)
PRC - C:\Nützlich\Quick Clean\PlgUni.exe (Network Associates, Inc.)

[color=#E56717]========== Modules (All) ==========[/color]
[/spoiler]

kasperhauser · 05.07.2010

MOD - C:\Dokumente und Einstellungen\unsere liebe\Eigene Dateien\Meine empfangenen Dateien\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\shlwapi.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\secur32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\rpcrt4.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msctfime.ime (Microsoft Corporation)
MOD - C:\WINDOWS\system32\advapi32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\ntdll.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\gdi32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netapi32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\setupapi.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\winspool.drv (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wldap32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\userenv.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\user32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\uxtheme.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\version.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\srclient.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\olepro32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\samlib.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\psapi.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\ntmarta.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msvcrt.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\imm32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\comres.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\comdlg32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\clbcatq.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\Nützlich\Quick Clean\imhook.dll (Network Associates, Inc.)

========== Win32 Services (All) ==========

SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (iPod Service) -- C:\Programme\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TeamViewer5) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Bonjour Service) -- C:\Programme\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (lanmanworkstation) -- C:\WINDOWS\system32\wkssvc.dll (Microsoft Corporation)
SRV - (PlugPlay) -- C:\WINDOWS\system32\services.exe (Microsoft Corporation)
SRV - (Eventlog) -- C:\WINDOWS\system32\services.exe (Microsoft Corporation)
SRV - (RpcSs) Remoteprozeduraufruf (RPC) -- C:\WINDOWS\system32\rpcss.dll (Microsoft Corporation)
SRV - (DcomLaunch) -- C:\WINDOWS\system32\rpcss.dll (Microsoft Corporation)
SRV - (Wmi) -- C:\WINDOWS\system32\advapi32.dll (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (EventSystem) -- C:\WINDOWS\system32\es.dll (Microsoft Corporation)
SRV - (Nla) NLA (Network Location Awareness) -- C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
SRV - (MSIServer) -- C:\WINDOWS\System32\msiexec.exe (Microsoft Corporation)
SRV - (WmiApSrv) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe (Microsoft Corporation)
SRV - (VSS) -- C:\WINDOWS\system32\vssvc.exe (Microsoft Corporation)
SRV - (TlntSvr) -- C:\WINDOWS\system32\tlntsvr.exe (Microsoft Corporation)
SRV - (UPS) -- C:\WINDOWS\system32\ups.exe (Microsoft Corporation)
SRV - (Spooler) -- C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
SRV - (HidServ) -- C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
SRV - (SysmonLog) -- C:\WINDOWS\system32\smlogsvc.exe (Microsoft Corporation)
SRV - (RDSessMgr) -- C:\WINDOWS\system32\sessmgr.exe (Microsoft Corporation)
SRV - (SCardSvr) -- C:\WINDOWS\system32\scardsvr.exe (Microsoft Corporation)
SRV - (NetDDEdsdm) -- C:\WINDOWS\system32\netdde.exe (Microsoft Corporation)
SRV - (NetDDE) -- C:\WINDOWS\system32\netdde.exe (Microsoft Corporation)
SRV - (MSDTC) -- C:\WINDOWS\system32\msdtc.exe (Microsoft Corporation)
SRV - (mnmsrvc) -- C:\WINDOWS\system32\mnmsrvc.exe (Microsoft Corporation)
SRV - (SamSs) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (ProtectedStorage) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (PolicyAgent) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (NtLmSsp) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (Netlogon) -- C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
SRV - (RpcLocator) -- C:\WINDOWS\system32\locator.exe (Microsoft Corporation)
SRV - (ImapiService) -- C:\WINDOWS\system32\imapi.exe (Microsoft Corporation)
SRV - (dmadmin) -- C:\WINDOWS\System32\dmadmin.exe (Microsoft Corp., Veritas Software)
SRV - (SwPrv) -- C:\WINDOWS\System32\dllhost.exe (Microsoft Corporation)
SRV - (COMSysApp) -- C:\WINDOWS\System32\dllhost.exe (Microsoft Corporation)
SRV - (ClipSrv) -- C:\WINDOWS\system32\clipsrv.exe (Microsoft Corporation)
SRV - (CiSvc) -- C:\WINDOWS\system32\cisvc.exe (Microsoft Corporation)
SRV - (ALG) -- C:\WINDOWS\system32\alg.exe (Microsoft Corporation)
SRV - (WZCSVC) -- C:\WINDOWS\system32\wzcsvc.dll (Microsoft Corporation)
SRV - (xmlprov) -- C:\WINDOWS\system32\xmlprov.dll (Microsoft Corporation)
SRV - (wuauserv) -- C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)
SRV - (stisvc) Windows-Bilderfassung (WIA) -- C:\WINDOWS\system32\wiaservc.dll (Microsoft Corporation)
SRV - (winmgmt) -- C:\WINDOWS\system32\wbem\wmisvc.dll (Microsoft Corporation)
SRV - (wscsvc) -- C:\WINDOWS\system32\wscsvc.dll (Microsoft Corporation)
SRV - (WebClient) -- C:\WINDOWS\system32\webclnt.dll (Microsoft Corporation)
SRV - (upnphost) -- C:\WINDOWS\system32\upnphost.dll (Microsoft Corporation)
SRV - (W32Time) -- C:\WINDOWS\system32\w32time.dll (Microsoft Corporation)
SRV - (HTTPFilter) -- C:\WINDOWS\system32\w3ssl.dll (Microsoft Corporation)
SRV - (TermService) -- C:\WINDOWS\system32\termsrv.dll (Microsoft Corporation)
SRV - (TapiSrv) -- C:\WINDOWS\system32\tapisrv.dll (Microsoft Corporation)
SRV - (srservice) -- C:\WINDOWS\system32\srsvc.dll (Microsoft Corporation)
SRV - (lanmanserver) -- C:\WINDOWS\system32\srvsvc.dll (Microsoft Corporation)
SRV - (TrkWks) Überwachung verteilter Verknüpfungen (Client) -- C:\WINDOWS\system32\trkwks.dll (Microsoft Corporation)
SRV - (SSDPSRV) -- C:\WINDOWS\system32\ssdpsrv.dll (Microsoft Corporation)
SRV - (Themes) -- C:\WINDOWS\system32\shsvcs.dll (Microsoft Corporation)
SRV - (ShellHWDetection) -- C:\WINDOWS\system32\shsvcs.dll (Microsoft Corporation)
SRV - (FastUserSwitchingCompatibility) -- C:\WINDOWS\system32\shsvcs.dll (Microsoft Corporation)
SRV - (SENS) -- C:\WINDOWS\system32\sens.dll (Microsoft Corporation)
SRV - (seclogon) -- C:\WINDOWS\system32\seclogon.dll (Microsoft Corporation)
SRV - (BITS) -- C:\WINDOWS\system32\qmgr.dll (Microsoft Corporation)
SRV - (napagent) NAP-Agent (Network Access Protection) -- C:\WINDOWS\system32\qagentrt.dll (Microsoft Corporation)
SRV - (Schedule) -- C:\WINDOWS\system32\schedsvc.dll (Microsoft Corporation)
SRV - (RasMan) -- C:\WINDOWS\system32\rasmans.dll (Microsoft Corporation)
SRV - (RasAuto) -- C:\WINDOWS\system32\rasauto.dll (Microsoft Corporation)
SRV - (RemoteRegistry) -- C:\WINDOWS\system32\regsvc.dll (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
SRV - (NtmsSvc) -- C:\WINDOWS\system32\ntmssvc.dll (Microsoft Corporation)
SRV - (Netman) -- C:\WINDOWS\system32\netman.dll (Microsoft Corporation)
SRV - (Messenger) -- C:\WINDOWS\system32\msgsvc.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\WINDOWS\system32\mprdim.dll (Microsoft Corporation)
SRV - (hkmsvc) -- C:\WINDOWS\system32\kmsvc.dll (Microsoft Corporation)
SRV - (LmHosts) -- C:\WINDOWS\system32\lmhsvc.dll (Microsoft Corporation)
SRV - (SharedAccess) -- C:\WINDOWS\system32\ipnathlp.dll (Microsoft Corporation)
SRV - (ERSvc) -- C:\WINDOWS\system32\ersvc.dll (Microsoft Corporation)
SRV - (Dot3svc) Automatische Konfiguration (verkabelt) -- C:\WINDOWS\system32\dot3svc.dll (Microsoft Corporation)
SRV - (Dnscache) -- C:\WINDOWS\system32\dnsrslvr.dll (Microsoft Corporation)
SRV - (EapHost) -- C:\WINDOWS\system32\eapsvc.dll (Microsoft Corporation)
SRV - (dmserver) -- C:\WINDOWS\system32\dmserver.dll (Microsoft Corp.)
SRV - (Dhcp) -- C:\WINDOWS\system32\dhcpcsvc.dll (Microsoft Corporation)
SRV - (CryptSvc) -- C:\WINDOWS\system32\cryptsvc.dll (Microsoft Corporation)
SRV - (AppMgmt) -- C:\WINDOWS\system32\appmgmts.dll (Microsoft Corporation)
SRV - (Browser) -- C:\WINDOWS\system32\browser.dll (Microsoft Corporation)
SRV - (AudioSrv) -- C:\WINDOWS\system32\audiosrv.dll (Microsoft Corporation)
SRV - (BthServ) -- C:\WINDOWS\system32\bthserv.dll (Microsoft Corporation)
SRV - (Alerter) -- C:\WINDOWS\system32\alrsvc.dll (Microsoft Corporation)
SRV - (WudfSvc) -- C:\WINDOWS\system32\WudfSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\WMPNetwk.exe (Microsoft

kasperhauser · 05.07.2010

Corporation)
SRV - (WmdmPmSN) -- C:\WINDOWS\system32\mspmsnsv.dll (Microsoft Corporation)
SRV - (RSVP) -- C:\WINDOWS\system32\rsvp.exe (Microsoft Corporation)
SRV - (LexBceS) -- C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc.)

========== Driver Services (All) ==========

DRV - (ZDPSp50) -- File not found
DRV - (ZD1211U(ZyXEL)) ZyAIR G-220 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyXEL) -- File not found
DRV - (WDICA) -- File not found
DRV - (wanatw) WAN Miniport (ATW) -- File not found
DRV - (vbusax) -- File not found
DRV - (upperdev) -- File not found
DRV - (Simbad) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (pccsmcfd) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (InCDRm) -- File not found
DRV - (InCDPass) -- File not found
DRV - (InCDFs) -- File not found
DRV - (Changer) -- File not found
DRV - (BlueletSCOAudio) -- File not found
DRV - (BlueletAudio) -- File not found
DRV - (Atdisk) -- File not found
DRV - (asbp2poa) -- File not found
DRV - (Abiosdsk) -- File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (MRxSmb) -- C:\WINDOWS\system32\drivers\mrxsmb.sys (Microsoft Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (Srv) -- C:\WINDOWS\system32\drivers\srv.sys (Microsoft Corporation)
DRV - (HTTP) -- C:\WINDOWS\system32\drivers\http.sys (Microsoft Corporation)
DRV - (USBAAPL) -- C:\WINDOWS\system32\drivers\usbaapl.sys (Apple, Inc.)
DRV - (KSecDD) -- C:\WINDOWS\system32\drivers\ksecdd.sys (Microsoft Corporation)
DRV - (GEARAspiWDM) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (AFD) -- C:\WINDOWS\System32\drivers\afd.sys (Microsoft Corporation)
DRV - (Tcpip) -- C:\WINDOWS\system32\drivers\tcpip.sys (Microsoft Corporation)
DRV - (BTHPORT) -- C:\WINDOWS\system32\drivers\bthport.sys (Microsoft Corporation)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\WINDOWS\system32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\WINDOWS\system32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\WINDOWS\system32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\WINDOWS\system32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (RDPWD) -- C:\WINDOWS\system32\drivers\rdpwd.sys (Microsoft Corporation)
DRV - (TermDD) -- C:\WINDOWS\system32\drivers\termdd.sys (Microsoft Corporation)
DRV - (TDTCP) -- C:\WINDOWS\system32\drivers\tdtcp.sys (Microsoft Corporation)
DRV - (TDPIPE) -- C:\WINDOWS\system32\drivers\tdpipe.sys (Microsoft Corporation)
DRV - (sr) -- C:\WINDOWS\system32\DRIVERS\sr.sys (Microsoft Corporation)
DRV - (Pcmcia) -- C:\WINDOWS\system32\DRIVERS\pcmcia.sys (Microsoft Corporation)
DRV - (PCI) -- C:\WINDOWS\system32\DRIVERS\pci.sys (Microsoft Corporation)
DRV - (Parport) -- C:\WINDOWS\system32\drivers\parport.sys (Microsoft Corporation)
DRV - (kbdhid) -- C:\WINDOWS\system32\drivers\kbdhid.sys (Microsoft Corporation)
DRV - (Kbdclass) -- C:\WINDOWS\system32\drivers\kbdclass.sys (Microsoft Corporation)
DRV - (dmio) -- C:\WINDOWS\System32\drivers\dmio.sys (Microsoft Corp., Veritas Software)
DRV - (dmboot) -- C:\WINDOWS\system32\drivers\dmboot.sys (Microsoft Corp., Veritas Software)
DRV - (isapnp) -- C:\WINDOWS\system32\DRIVERS\isapnp.sys (Microsoft Corporation)
DRV - (intelppm) -- C:\WINDOWS\system32\drivers\intelppm.sys (Microsoft Corporation)
DRV - (IntelIde) -- C:\WINDOWS\system32\DRIVERS\intelide.sys (Microsoft Corporation)
DRV - (i8042prt) -- C:\WINDOWS\system32\drivers\i8042prt.sys (Microsoft Corporation)
DRV - (Serial) -- C:\WINDOWS\system32\drivers\serial.sys (Microsoft Corporation)
DRV - (HidBth) -- C:\WINDOWS\system32\drivers\hidbth.sys (Microsoft Corporation)
DRV - (redbook) -- C:\WINDOWS\system32\drivers\redbook.sys (Microsoft Corporation)
DRV - (Fips) -- C:\WINDOWS\system32\drivers\fips.sys (Microsoft Corporation)
DRV - (VolSnap) -- C:\WINDOWS\system32\drivers\volsnap.sys (Microsoft Corporation)
DRV - (AmdK7) -- C:\WINDOWS\system32\drivers\amdk7.sys (Microsoft Corporation)
DRV - (Mouclass) -- C:\WINDOWS\system32\drivers\mouclass.sys (Microsoft Corporation)
DRV - (Modem) -- C:\WINDOWS\system32\drivers\modem.sys (Microsoft Corporation)
DRV - (ACPI) -- C:\WINDOWS\system32\DRIVERS\ACPI.sys (Microsoft Corporation)
DRV - (Rdbss) -- C:\WINDOWS\system32\drivers\rdbss.sys (Microsoft Corporation)
DRV - (NetBT) -- C:\WINDOWS\system32\drivers\netbt.sys (Microsoft Corporation)
DRV - (NdisWan) -- C:\WINDOWS\system32\drivers\ndiswan.sys (Microsoft Corporation)
DRV - (NDIS) -- C:\WINDOWS\system32\drivers\ndis.sys (Microsoft Corporation)
DRV - (PptpMiniport) WAN-Miniport (PPTP) -- C:\WINDOWS\system32\drivers\raspptp.sys (Microsoft Corporation)
DRV - (Rasl2tp) WAN-Miniport (L2TP) -- C:\WINDOWS\system32\drivers\rasl2tp.sys (Microsoft Corporation)
DRV - (IPSec) -- C:\WINDOWS\system32\drivers\ipsec.sys (Microsoft Corporation)
DRV - (wdmaud) -- C:\WINDOWS\system32\drivers\wdmaud.sys (Microsoft Corporation)
DRV - (Mup) -- C:\WINDOWS\system32\drivers\mup.sys (Microsoft Corporation)
DRV - (sysaudio) -- C:\WINDOWS\system32\drivers\sysaudio.sys (Microsoft Corporation)
DRV - (Ntfs) -- C:\WINDOWS\system32\drivers\ntfs.sys (Microsoft Corporation)
DRV - (Fastfat) -- C:\WINDOWS\system32\drivers\fastfat.sys (Microsoft Corporation)
DRV - (Cdfs) -- C:\WINDOWS\system32\drivers\cdfs.sys (Microsoft Corporation)
DRV - (RasPppoe) -- C:\WINDOWS\system32\drivers\raspppoe.sys (Microsoft Corporation)
DRV - (NDProxy) -- C:\WINDOWS\system32\drivers\ndproxy.sys (Microsoft Corporation)
DRV - (AsyncMac) -- C:\WINDOWS\system32\drivers\asyncmac.sys (Microsoft Corporation)
DRV - (NdisTapi) -- C:\WINDOWS\system32\drivers\ndistapi.sys (Microsoft Corporation)
DRV - (Wanarp) -- C:\WINDOWS\system32\drivers\wanarp.sys (Microsoft Corporation)
DRV - (IpNat) -- C:\WINDOWS\system32\drivers\ipnat.sys (Microsoft Corporation)
DRV - (IpInIp) -- C:\WINDOWS\system32\drivers\ipinip.sys (Microsoft Corporation)
DRV - (PSched) -- C:\WINDOWS\system32\drivers\psched.sys (Microsoft Corporation)
DRV - (Gpc) -- C:\WINDOWS\system32\drivers\msgpc.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\WINDOWS\system32\drivers\netbios.sys (Microsoft Corporation)
DRV - (Ndisuio) -- C:\WINDOWS\system32\drivers\ndisuio.sys (Microsoft Corporation)
DRV - (IRENUM) -- C:\WINDOWS\system32\drivers\irenum.sys (Microsoft Corporation)
DRV - (Ip6Fw) -- C:\WINDOWS\system32\drivers\ip6fw.sys (Microsoft Corporation)
DRV - (BthPan) Bluetooth-Gerät (PAN) -- C:\WINDOWS\system32\drivers\bthpan.sys (Microsoft Corporation)
DRV - (NIC1394) -- C:\WINDOWS\system32\drivers\nic1394.sys (Microsoft Corporation)
DRV - (Arp1394) -- C:\WINDOWS\system32\drivers\arp1394.sys (Microsoft Corporation)
DRV - (Atmarpc) -- C:\WINDOWS\system32\drivers\atmarpc.sys (Microsoft Corporation)
DRV - (usbprint) -- C:\WINDOWS\system32\drivers\usbprint.sys (Microsoft Corporation)
DRV - (BthEnum) -- C:\WINDOWS\system32\drivers\bthenum.sys (Microsoft Corporation)
DRV - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\WINDOWS\system32\drivers\rfcomm.sys (Microsoft Corporation)
DRV - (BTHUSB) -- C:\WINDOWS\system32\drivers\bthusb.sys (Microsoft Corporation)
DRV - (NABTSFEC) -- C:\WINDOWS\system32\drivers\NABTSFEC.sys (Microsoft Corporation)
DRV - (WSTCODEC) -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS (Microsoft Corporation)
DRV - (CCDECODE) -- C:\WINDOWS\system32\drivers\CCDECODE.sys (Microsoft Corporation)
DRV - (SLIP) -- C:\WINDOWS\system32\drivers\SLIP.sys (Microsoft Corporation)
DRV - (streamip) -- C:\WINDOWS\system32\drivers\StreamIP.sys (Microsoft Corporation)
DRV - (NdisIP) -- C:\WINDOWS\system32\drivers\NdisIP.sys (Microsoft Corporation)
DRV - (ohci1394) -- C:\WINDOWS\system32\DRIVERS\ohci1394.sys (Microsoft Corporation)
DRV - (usbccgp) -- C:\WINDOWS\system32\drivers\usbccgp.sys (Microsoft Corporation)
DRV - (usbhub) -- C:\WINDOWS\system32\drivers\usbhub.sys (Microsoft Corporation)
DRV - (USBSTOR) -- C:\WINDOWS\system32\drivers\usbstor.sys (Microsoft Corporation)
DRV - (usbehci) -- C:\WINDOWS\system32\drivers\usbehci.sys (Microsoft Corporation)
DRV - (usbuhci) -- C:\WINDOWS\system32\drivers\usbuhci.sys (Microsoft Corporation)
DRV - (usbscan) -- C:\WINDOWS\system32\drivers\usbscan.sys (Microsoft Corporation)
DRV - (HidUsb) -- C:\WINDOWS\system32\drivers\hidusb.sys (Microsoft Corporation)
DRV - (drmkaud) -- C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Corporation)
DRV - (kmixer) -- C:\WINDOWS\system32\drivers\kmixer.sys (Microsoft Corporation)
DRV - (swmidi) -- C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft Corporation)
DRV - (splitter) -- C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Corporation)
DRV - (DMusic) -- C:\WINDOWS\system32\drivers\dmusic.sys (Microsoft Corporation)
DRV - (VgaSave) -- C:\WINDOWS\System32\drivers\vga.sys (Microsoft Corporation)
DRV - (i2omp) -- C:\WINDOWS\system32\DRIVERS\i2omp.sys (Microsoft Corporation)
DRV - (i2omgmt) -- C:\WINDOWS\system32\drivers\i2omgmt.sys (Microsoft Corporation)
DRV - (Imapi) -- C:\WINDOWS\system32\drivers\imapi.sys (Microsoft Corporation)
DRV - (PartMgr) -- C:\WINDOWS\system32\drivers\partmgr.sys (Microsoft Corporation)
DRV - (Sfloppy) -- C:\WINDOWS\system32\drivers\sfloppy.sys (Microsoft Corporation)
DRV - (Disk) -- C:\WINDOWS\system32\DRIVERS\disk.sys (Microsoft Corporation)
DRV - (Cdrom) -- C:\WINDOWS\system32\drivers\cdrom.sys (Microsoft Corporation)
DRV - (ViaIde) -- C:\WINDOWS\system32\DRIVERS\viaide.sys (Microsoft Corporation)
DRV - (atapi) -- C:\WINDOWS\system32\DRIVERS\atapi.sys (Microsoft Corporation)
DRV - (Fdc) -- C:\WINDOWS\system32\drivers\fdc.sys (Microsoft Corporation)
DRV - (Flpydisk) -- C:\WINDOWS\system32\drivers\flpydisk.sys (Microsoft Corporation)
DRV - (swenum) -- C:\WINDOWS\system32\drivers\swenum.sys (Microsoft Corporation)
DRV - (MSKSSRV) -- C:\WINDOWS\system32\drivers\mskssrv.sys (Microsoft Corporation)
DRV - (MSPQM) -- C:\WINDOWS\system32\drivers\mspqm.sys (Microsoft Corporation)
DRV - (MSTEE) -- C:\WINDOWS\system32\drivers\MSTEE.sys (Microsoft Corporation)
DRV - (MSPCLOCK) -- C:\WINDOWS\system32\drivers\mspclock.sys (Microsoft Corporation)
DRV - (Update) -- C:\WINDOWS\system32\drivers\update.sys (Microsoft Corporation)
DRV - (MountMgr) -- C:\WINDOWS\system32\drivers\mountmgr.sys (Microsoft Corporation)
DRV - (mssmbios) -- C:\WINDOWS\system32\drivers\mssmbios.sys (Microsoft Corporation)
DRV - (sdbus) -- C:\WINDOWS\system32\drivers\sdbus.sys (Microsoft Corporation)
DRV - (viaagp) -- C:\WINDOWS\system32\DRIVERS\viaagp.sys (Microsoft Corporation)
DRV - (agpCPQ) -- C:\WINDOWS\system32\DRIVERS\agpCPQ.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (alim1541) -- C:\WINDOWS\system32\DRIVERS\alim1541.sys (Microsoft Corporation)
DRV - (agp440) -- C:\WINDOWS\system32\DRIVERS\agp440.sys (Microsoft Corporation)
DRV - (CmBatt) -- C:\WINDOWS\system32\drivers\cmbatt.sys (Microsoft Corporation)
DRV - (Compbatt) -- C:\WINDOWS\system32\DRIVERS\compbatt.sys (Microsoft Corporation)
DRV - (FltMgr) -- C:\WINDOWS\system32\drivers\fltmgr.sys (Microsoft Corporation)
DRV - (rdpdr) -- C:\WINDOWS\system32\drivers\rdpdr.sys (Microsoft Corporation)
DRV - (MRxDAV) -- C:\WINDOWS\system32\drivers\mrxdav.sys (Microsoft Corporation)
DRV - (Npfs) -- C:\WINDOWS\system32\drivers\npfs.sys (Microsoft Corporation)
DRV - (Msfs) -- C:\WINDOWS\system32\drivers\msfs.sys (Microsoft Corporation)
DRV - (Udfs) -- C:\WINDOWS\system32\drivers\udfs.sys (Microsoft Corporation)
DRV - (BTHMODEM) -- C:\WINDOWS\system32\drivers\bthmodem.sys (Microsoft Corporation)
DRV - (aec) -- C:\WINDOWS\system32\drivers\aec.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)

kasperhauser · 05.07.2010

DRV - (Wdf01000) -- C:\WINDOWS\system32\drivers\wdf01000.sys (Microsoft Corporation)
DRV - (WudfRd) -- C:\WINDOWS\system32\drivers\WudfRd.sys (Microsoft Corporation)
DRV - (WudfPf) -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys (Microsoft Corporation)
DRV - (seehcri) -- C:\WINDOWS\system32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\WINDOWS\system32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (WpdUsb) -- C:\WINDOWS\system32\drivers\wpdusb.sys (Microsoft Corporation)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (AWISp50) -- C:\WINDOWS\system32\drivers\AWISp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (risdptsk) -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys (REDC)
DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (SLEE_13_DRIVER) -- C:\WINDOWS\system32\drivers\slee13.sys ()
DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (BtnHnd) -- C:\Programme\Fujitsu\BtnHnd\BtnHnd.sys (FUJITSU LIMITED)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (w800obex) -- C:\WINDOWS\system32\drivers\w800obex.sys (MCCI)
DRV - (w800mgmt) -- C:\WINDOWS\system32\drivers\w800mgmt.sys (MCCI)
DRV - (w800bus) Sony Ericsson W800 driver (WDM) -- C:\WINDOWS\system32\drivers\w800bus.sys (MCCI)
DRV - (odysseyIM4) -- C:\WINDOWS\system32\drivers\odysseyIM4.sys (Funk Software, Inc.)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (rismxdp) -- C:\WINDOWS\system32\DRIVERS\rixdptsk.sys (REDC)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (FUJ02E1) -- C:\WINDOWS\system32\drivers\FUJ02E1.sys (Fujitsu Limited)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation )
DRV - (IpFilterDriver) -- C:\WINDOWS\system32\drivers\ipfltdrv.sys (Microsoft Corporation)
DRV - (NwlnkFwd) -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys (Microsoft Corporation)
DRV - (Cdaudio) -- C:\WINDOWS\system32\drivers\cdaudio.sys (Microsoft Corporation)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (Raspti) Parallelanschluss (direkt) -- C:\WINDOWS\system32\drivers\raspti.sys (Microsoft Corporation)
DRV - (NwlnkFlt) -- C:\WINDOWS\system32\drivers\nwlnkflt.sys (Microsoft Corporation)
DRV - (ACPIEC) -- C:\WINDOWS\system32\DRIVERS\ACPIEC.sys (Microsoft Corporation)
DRV - (WS2IFSL) -- C:\WINDOWS\System32\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV - (RasAcd) -- C:\WINDOWS\system32\drivers\rasacd.sys (Microsoft Corporation)
DRV - (ParVdm) -- C:\WINDOWS\system32\drivers\parvdm.sys (Microsoft Corporation)
DRV - (dmload) -- C:\WINDOWS\System32\drivers\dmload.sys (Microsoft Corp., Veritas Software.)
DRV - (RDPCDD) -- C:\WINDOWS\system32\drivers\rdpcdd.sys (Microsoft Corporation)
DRV - (mnmdd) -- C:\WINDOWS\system32\drivers\mnmdd.sys (Microsoft Corporation)
DRV - (Beep) -- C:\WINDOWS\system32\drivers\beep.sys (Microsoft Corporation)
DRV - (Null) -- C:\WINDOWS\system32\drivers\null.sys (Microsoft Corporation)
DRV - (S3SavageNB) -- C:\WINDOWS\system32\drivers\s3gnbm.sys (S3 Graphics, Inc.)
DRV - (FUJ02E3) -- C:\WINDOWS\system32\drivers\fuj02e3.sys (FUJITSU LIMITED)
DRV - (Ftdisk) -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys (Microsoft Corporation)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (mouhid) -- C:\WINDOWS\system32\drivers\mouhid.sys (Microsoft Corporation)
DRV - (TosIde) -- C:\WINDOWS\system32\DRIVERS\toside.sys (Microsoft Corporation)
DRV - (PCIIde) -- C:\WINDOWS\system32\DRIVERS\pciide.sys (Microsoft Corporation)
DRV - (hpn) -- C:\WINDOWS\system32\DRIVERS\hpn.sys (Microsoft Corporation)
DRV - (dpti2o) -- C:\WINDOWS\system32\DRIVERS\dpti2o.sys (Microsoft Corporation)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (perc2hib) -- C:\WINDOWS\system32\DRIVERS\perc2hib.sys (Microsoft Corporation)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (perc2) -- C:\WINDOWS\system32\DRIVERS\perc2.sys (Microsoft Corporation)
DRV - (aic78xx) -- C:\WINDOWS\system32\DRIVERS\aic78xx.sys (Microsoft Corporation)
DRV - (aic78u2) -- C:\WINDOWS\system32\DRIVERS\aic78u2.sys (Microsoft Corporation)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (adpu160m) -- C:\WINDOWS\system32\DRIVERS\adpu160m.sys (Microsoft Corporation)
DRV - (audstub) -- C:\WINDOWS\system32\drivers\audstub.sys (Microsoft Corporation)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (ql1240) -- C:\WINDOWS\system32\DRIVERS\ql1240.sys (Microsoft Corporation)
DRV - (Ql10wnt) -- C:\WINDOWS\system32\DRIVERS\ql10wnt.sys (Microsoft Corporation)
DRV - (dac960nt) -- C:\WINDOWS\system32\DRIVERS\dac960nt.sys (Microsoft Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (ini910u) -- C:\WINDOWS\system32\DRIVERS\ini910u.sys (Microsoft Corporation)
DRV - (cbidf2k) -- C:\WINDOWS\system32\drivers\cbidf2k.sys (Microsoft Corporation)
DRV - (cbidf) -- C:\WINDOWS\system32\DRIVERS\cbidf2k.sys (Microsoft Corporation)
DRV - (Cpqarray) -- C:\WINDOWS\system32\DRIVERS\cpqarray.sys (Microsoft Corporation)
DRV - (cd20xrnt) -- C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys (Microsoft Corporation)
DRV - (asc3350p) -- C:\WINDOWS\system32\DRIVERS\asc3350p.sys (Microsoft Corporation)
DRV - (amsint) -- C:\WINDOWS\system32\DRIVERS\amsint.sys (Microsoft Corporation)
DRV - (Aha154x) -- C:\WINDOWS\system32\DRIVERS\aha154x.sys (Microsoft Corporation)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (abp480n5) -- C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS (Microsoft Corporation)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (FETNDIS) -- C:\WINDOWS\system32\drivers\fetnd5.sys (VIA Technologies, Inc. )
DRV - (FUJ02B1) -- C:\WINDOWS\system32\drivers\fuj02b1.sys (FUJITSU LIMITED)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: ProxyEnable = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: ProxyEnable = 0

IE - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=13170&l=dis
IE - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: ProxyEnable = 0
IE - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: ProxyOverride = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: Ask.com
FF - prefs.js..browser.search.defaultenginename: ICQ Search
FF - prefs.js..browser.search.defaulturl: http://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js..browser.search.order.1: Ask.com
FF - prefs.js..browser.search.selectedEngine: ICQ Search
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: http://www.google.de/
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.9
FF - prefs.js..keyword.URL: http://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - prefs.js..network.proxy.type: 4
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: Ask.com
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: http://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ICQ Search
FF - prefs.js..browser.startup.homepage: http://www.google.de/
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: http://search.icq.com/search/afe_results.php?ch_id=afex&q=

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.06.28 16:31:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.06.28 16:31:08 | 000,000,000 | ---D | M]

[2009.04.07 17:37:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Extensions
[2010.07.04 16:10:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\extensions
[2009.09.09 10:08:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.07 18:58:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.12.12 23:24:36 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.03.31 22:41:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\extensions\[email protected]
[2009.09.25 12:20:09 | 000,002,255 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\askcom.xml
[2010.02.18 21:07:24 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\icqplugin-1.xml
[2010.03.30 11:06:13 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\icqplugin-2.xml
[2010.04.01 10:59:51 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\icqplugin-3.xml
[2010.04.02 14:31:38 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\icqplugin-4.xml
[2010.06.23 19:12:44 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\icqplugin-5.xml
[2010.06.28 16:32:05 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\icqplugin-6.xml
[2008.03.31 10:52:00 | 000,000,168 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\icqplugin.gif
[2008.03.31 10:52:00 | 000,000,618 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\icqplugin.src
[2009.02.22 12:42:34 | 000,000,944 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\icqplugin.xml
[2009.03.28 08:58:08 | 000,001,659 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\live-search.xml
[2009.12.12 23:24:31 | 000,003,915 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\m8k09vja.default\searchplugins\sweetim.xml
[2010.01.07 18:57:25 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.09.12 15:29:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.30 11:05:18 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.30 11:05:18 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.30 11:05:18 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.30 11:05:19 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.30 11:05:19 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.09.12 19:22:56 | 000,000,812 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Imonitor] C:\Nützlich\Quick Clean\PlgUni.exe (Network Associates, Inc.)
O4 - HKLM..\Run: [IndicatorUtility] C:\Addon\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)

kasperhauser · 05.07.2010

O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LoadBtnHnd] C:\Programme\Fujitsu\BtnHnd\BtnHnd.exe (FUJITSU LIMITED)
O4 - HKU\.DEFAULT..\RunOnce: [SAFECNMEMORY8] C:\Programme\CnMemory Safe\SAFECNMEMORY8.exe ()
O4 - HKU\S-1-5-18..\RunOnce: [SAFECNMEMORY8] C:\Programme\CnMemory Safe\SAFECNMEMORY8.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [SAFECNMEMORY8] C:\Programme\CnMemory Safe\SAFECNMEMORY8.exe ()
O4 - HKU\S-1-5-20..\RunOnce: [SAFECNMEMORY8] C:\Programme\CnMemory Safe\SAFECNMEMORY8.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = E3 FF FF 01 [binary data]
O7 - HKU\S-1-5-21-2078853874-3116500751-1579000496-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = [binary data]
O9 - Extra->Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra->Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1189604695406 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1190667850406 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\PSUTY: DllName - PSUWNP.dll - C:\WINDOWS\System32\PSUWNP.dll (FUJITSU LIMITED)
O21 - SSODL: msmhost - {B2EB7470-AA1D-4F27-BB56-CF1B38454B80} - CLSID or File not found.
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.01.30 21:58:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- %1 %*
O35 - HKLM\..exefile [open] -- %1 %*
O37 - HKLM\...com [@ = comfile] -- %1 %*
O37 - HKLM\...exe [@ = exefile] -- %1 %*

========== Files/Folders - Created Within 30 Days ==========

[2010.07.04 12:25:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010.07.04 11:59:52 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\admin\Recent
[2010.06.30 21:12:15 | 000,176,128 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2010.06.30 20:30:02 | 000,000,000 | ---D | C] -- C:\Programme\ASUS Security Center
[2010.06.30 20:23:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SDA
[2010.06.30 20:06:05 | 000,000,000 | ---D | C] -- C:\Intel
[2010.06.30 19:54:36 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.06.30 19:53:52 | 000,487,424 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2010.06.30 19:48:25 | 000,053,248 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxprd32.dll
[2010.06.30 19:48:17 | 002,363,392 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll
[2010.06.30 19:48:17 | 002,262,528 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdx32.dll
[2010.06.30 19:48:17 | 001,442,848 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdv32.dll
[2010.06.30 19:48:17 | 001,181,824 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\igxpmp32.sys
[2010.06.30 19:48:17 | 000,454,656 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll
[2010.06.30 19:48:17 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difx32.dll
[2010.06.30 19:48:17 | 000,146,432 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpgd32.dll
[2010.06.30 19:47:54 | 000,364,544 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\igxpun.exe
[2010.06.30 19:47:54 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2010.06.30 19:18:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2010.06.30 19:18:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\PC_Drivers_Headquarters
[2010.06.30 19:16:12 | 000,000,000 | ---D | C] -- C:\Programme\PC Drivers HeadQuarters
[2010.06.28 23:38:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2010.06.28 21:51:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Avira
[2010.06.28 21:30:43 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010.06.28 21:30:28 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.06.28 21:30:28 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.06.28 21:30:28 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010.06.28 21:30:28 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010.06.28 21:30:26 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.06.28 19:22:47 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010.06.28 19:22:44 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010.06.28 19:20:58 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2010
[2010.06.28 19:18:46 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.06.10 09:17:54 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.07.04 16:07:14 | 005,242,880 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\ntuser.dat
[2010.07.04 12:49:39 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.04 12:48:30 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.04 12:48:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.04 12:03:00 | 002,139,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.07.04 12:00:00 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\admin\ntuser.ini
[2010.07.04 10:30:09 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.30 20:31:13 | 000,462,012 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.06.30 20:31:13 | 000,444,074 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.30 20:31:13 | 000,085,936 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.06.30 20:31:13 | 000,072,608 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.30 20:31:11 | 001,077,724 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.30 19:16:17 | 000,002,198 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Driver Detective.lnk
[2010.06.29 08:58:01 | 000,068,096 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.28 21:31:53 | 000,001,677 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010.06.28 19:22:37 | 000,001,715 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.06.28 19:22:37 | 000,001,701 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities.lnk
[2010.06.23 19:00:38 | 005,242,880 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\ntuser.dat_BAK_68930
[2010.06.18 17:18:24 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2010.06.10 09:15:17 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.30 19:58:50 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.06.30 19:48:25 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2010.06.30 19:48:17 | 000,655,842 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2010.06.30 19:48:17 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll
[2010.06.30 19:48:17 | 000,023,632 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2010.06.30 19:48:17 | 000,002,096 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2010.06.30 19:47:54 | 000,121,232 | ---- | C] () -- C:\WINDOWS\System32\IScrNBR.bmp
[2010.06.30 19:47:54 | 000,121,232 | ---- | C] () -- C:\WINDOWS\System32\IScrNB.bmp
[2010.06.30 19:16:17 | 000,002,198 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Driver Detective.lnk
[2010.06.28 21:31:53 | 000,001,677 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk
[2010.06.28 19:22:37 | 000,001,715 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.06.28 19:22:37 | 000,001,701 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities.lnk
[2010.06.23 18:59:53 | 000,000,000 | -H-- | C] () -- C:\Dokumente und Einstellungen\admin\ntuser.dat_TU_68930.LOG
[2009.10.18 21:04:38 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008.12.07 15:09:23 | 000,000,021 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007.12.01 12:36:15 | 000,000,040 | ---- | C] () -- C:\WINDOWS\RUNAWAY.INI
[2007.11.14 16:55:52 | 000,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2007.11.11 16:48:29 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007.11.08 16:18:00 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007.10.09 22:03:36 | 000,000,219 | ---- | C] () -- C:\WINDOWS\System32\piccube.ini
[2007.07.24 21:43:17 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007.05.25 17:29:24 | 000,005,628 | ---- | C] () -- C:\WINDOWS\fwupgrade.ini
[2007.05.22 20:14:39 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007.05.22 18:53:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AMAPI.INI
[2007.05.22 18:22:30 | 000,000,112 | ---- | C] () -- C:\WINDOWS\init.ini
[2007.05.21 21:00:27 | 000,032,784 | ---- | C] () -- C:\WINDOWS\UNARJ.DLL
[2007.05.07 16:18:13 | 000,068,096 | ---- | C] () -- C:\WINDOWS\System32\lfplt11n.dll
[2007.05.07 16:18:10 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2007.05.07 16:18:10 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2007.05.07 16:17:35 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\iplCubeM6.dll
[2007.05.07 16:17:35 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\iplCubeP6.dll
[2007.05.07 16:17:35 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\iplCubeM5.dll
[2007.05.07 16:17:35 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\iplCubeP5.dll
[2007.05.07 16:17:34 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\iplCubePX.dll
[2007.05.07 16:17:34 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\iplCubeA6.dll
[2007.05.07 16:17:34 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\iplCube.dll
[2007.05.07 16:17:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2007.05.07 16:16:21 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Missing.ini
[2007.04.30 19:27:41 | 000,000,209 | ---- | C] () -- C:\WINDOWS\Meisterschach132.INI
[2007.03.27 17:51:31 | 000,000,411 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2007.03.05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007.01.18 21:27:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MusicMaker.INI
[2007.01.18 21:24:55 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll
[2007.01.18 21:23:16 | 000,006,642 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2007.01.07 18:48:20 | 000,000,053 | ---- | C] () -- C:\WINDOWS\Kyor.ini
[2006.12.17 17:44:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2006.12.06 23:19:02 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.10.04 21:11:42 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit.INI
[2006.09.23 17:03:53 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.08.16 11:36:42 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.01.31 11:18:32 | 000,068,832 | ---- | C] () -- C:\WINDOWS\Slee13x64.sys
[2006.01.30 22:20:28 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006.01.30 21:41:40 | 000,001,052 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.10.04 18:42:36 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\slee13.sys
[2005.07.12 15:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2005.04.03 07:30:00 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\scardsyn.dll
[2004.03.23 17:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2003.08.18 16:46:38 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2002.11.13 21:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2002.09.13 17:40:06 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[1998.05.06 12:10:00 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\ODMA32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:517DBC32
< End of report >

kasperhauser · 05.07.2010

so das war die erste logfile. jetzt kommt die zweite von olt.

OTL Extras logfile created on: 04.07.2010 16:21:23 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Dokumente und Einstellungen\unsere liebe\Eigene Dateien\Meine empfangenen Dateien
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

502,00 Mb Total Physical Memory | 101,00 Mb Available Physical Memory | 20,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 55,88 Gb Total Space | 11,61 Gb Free Space | 20,78% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANGEL
Current User Name: admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-2078853874-3116500751-1579000496-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- %1 %*
cmdfile [open] -- %1 %*
comfile [open] -- %1 %*
exefile [open] -- %1 %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- C:\Programme\Mozilla Firefox\firefox.exe -requestPending -osint -url %1 (Mozilla Corporation)
https [open] -- C:\Programme\Mozilla Firefox\firefox.exe -requestPending -osint -url %1 (Mozilla Corporation)
piffile [open] -- %1 %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- %1
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- %1 /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue %1 ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue %1 ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
FirstRunDisabled = 1
AntiVirusDisableNotify = 0
FirewallDisableNotify = 0
UpdatesDisableNotify = 1
AntiVirusOverride = 1
FirewallOverride = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
139:TCP = 139:TCP:*:Enabled

xpsp2res.dll,-22004
445:TCP = 445:TCP:*:Enabled

xpsp2res.dll,-22005
137:UDP = 137:UDP:*:Enabled

xpsp2res.dll,-22001
138:UDP = 138:UDP:*:Enabled

xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall = 0
DoNotAllowExceptions = 0
DisableNotifications = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
139:TCP = 139:TCP:LocalSubNet:Enabled

xpsp2res.dll,-22004
445:TCP = 445:TCP:LocalSubNet:Enabled

xpsp2res.dll,-22005
137:UDP = 137:UDP:LocalSubNet:Enabled

xpsp2res.dll,-22001
138:UDP = 138:UDP:LocalSubNet:Enabled

xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
C:\Programme\MSN Messenger\livecall.exe = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
C:\Programme\Windows Live\Messenger\wlcsdk.exe = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
C:\Programme\Windows Live\Sync\WindowsLiveSync.exe = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\Programme\Windows Live\Messenger\wlcsdk.exe = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
C:\Programme\BitTorrent\bittorrent.exe = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
C:\Programme\Windows Live\Sync\WindowsLiveSync.exe = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
C:\Programme\TeamViewer\Version5\TeamViewer.exe = C:\Programme\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
C:\Programme\iTunes\iTunes.exe = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

kasperhauser · 05.07.2010

========== HKEY_LOCAL_MACHINE Uninstall List ==========

der Dienst upnphost
mit den Argumenten gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
{00000000-5736-4205-1000-911A329139FD} = CnMemory Safe - powered by Steganos (8.0.10)
{04ECD699-9F3A-4F9C-A476-EEAA4E172079} = Fujitsu System Extension Utility
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{205C6BDD-7B73-42DE-8505-9A093F35A238} = Windows Live-Uploadtool
{212748BB-0DA5-46DE-82A1-403736DC9F27} = MSVC80_x86
{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} = MSVCRT
{271274D2-92C6-4EEC-A0AD-9DA5272AD5C9} = Lifebook Application Panel
{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} = QuickTime
{2BA722D1-48D1-406E-9123-8AE5431D63EF} = Windows Live Fotogalerie
{3248F0A8-6813-11D6-A77B-00B0D0150060} = J2SE Runtime Environment 5.0 Update 6
{3248F0A8-6813-11D6-A77B-00B0D0160020} = Java(TM) 6 Update 2
{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227} = WebFldrs XP
{41E654A9-26D0-4EAC-854B-0FA824FFFABB} = Windows Live Messenger
{4640FDE1-B83A-4376-84ED-86F86BEE2D41} = Driver Detective
{52B97218-98CB-4B8B-9283-D213C85E1AA4} = Windows Live Anmelde-Assistent
{5FC68772-6D56-41C6-9DF1-24E868198AE6} = Windows Live Call
{7299052b-02a4-4627-81f2-1818da5d550d} = Microsoft Visual C++ 2005 Redistributable
{76618402-179D-4699-A66B-D351C59436BC} = Windows Live Sync
{76BC2442-0002-47FA-9617-43BAD82BEF4C} = Bonjour
{770657D0-A123-3C07-8E44-1C83EC895118} = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{79821CAD-999C-443D-B420-96F914C84E27} = Power Saving Utility
{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22} = TuneUp Utilities Language Pack (de-DE)
{805BDB3F-6803-45F7-B959-4FE5B921BC55} = Fujitsu Hotkey Utility
{837b34e3-7c30-493c-8f6a-2b0f04e2912c} = Microsoft Visual C++ 2005 Redistributable
{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} = Microsoft .NET Framework 2.0 Language Pack - DEU
{95120000-00B9-0409-0000-0000000FF1CE} = Microsoft Application Error Reporting
{951DA770-6E72-11D6-B279-0010A4C6B25D} = McAfee QuickClean
{996A2FAA-7514-4628-9D12-A8FC34A0016E} = iTunes
{9CF7DA3A-0BB8-4925-8445-36F14482CB2E} = DirectX for Managed Code Update (February 2005)
{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} = Microsoft .NET Framework 3.0 Service Pack 2
{AC76BA86-7AD7-1031-7B44-A70900000002} = Adobe Reader 7.0.9 - Deutsch
{B5C3B892-0849-476C-9F46-B12F84819D57} = Apple Mobile Device Support
{BAF78226-3200-4DB4-BE33-4D922A799840} = Windows Presentation Foundation
{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} = Microsoft .NET Framework 2.0 Service Pack 2
{C41300B9-185D-475E-BFEC-39EF732F19B1} = Apple Software Update
{C4D738F7-996A-4C81-B8FA-C4E26D767E41} = Windows Live Mail
{C7340571-7773-4A8C-9EBC-4E4243B38C76} = Microsoft XML Parser
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} = Microsoft .NET Framework 1.1
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} = Microsoft .NET Framework 3.5 SP1
{D1C6BA81-14FF-4331-8350-350D159A50F4} = Fingerprint Sensor Minimum Install
{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} = TuneUp Utilities
{E0A4805D-280A-4DD7-9E74-3A5F85E302A1} = Windows Live Writer
{E2DFE069-083E-4631-9B6C-43C48E991DE5} = Junk Mail filter update
{E78BFA60-5393-4C38-82AB-E8019E464EB4} = Microsoft .NET Framework 1.1 German Language Pack
{ED00D08A-3C5F-488D-93A0-A04F21F23956} = Windows Live Communications Platform
{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} = Microsoft SQL Server 2005 Compact Edition [ENU]
{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} = Microsoft Choice Guard
{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} = Realtek High Definition Audio Driver
{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F} = Windows Live Essentials
{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Adobe Flash Player ActiveX = Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin = Adobe Flash Player 10 Plugin
Adobe Shockwave Player = Adobe Shockwave Player
Agere Systems Soft Modem = Agere Systems HDA Modem
Ashampoo Burning Studio 2010_is1 = Ashampoo Burning Studio 2010
Avira AntiVir Desktop = Avira AntiVir Personal - Free Antivirus
AviSynth = AviSynth 2.5
AVS Audio CD Grabber 4.1_is1 = AVS Audio CD Grabber version 4.1
CCleaner = CCleaner (remove only)
HDMI = Intel(R) Graphics Media Accelerator Driver
IDNMitigationAPIs = Microsoft Internationalized Domain Names Mitigation APIs
ie8 = Windows Internet Explorer 8
InstallShield_{79821CAD-999C-443D-B420-96F914C84E27} = Power Saving Utility
Lexmark X1100 Series = Lexmark X1100 Series
Microsoft .NET Framework 1.1 (1033) = Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0 Language Pack - DEU = Microsoft .NET Framework 2.0 Language Pack - DEU
Microsoft .NET Framework 3.5 SP1 = Microsoft .NET Framework 3.5 SP1
Mozilla Firefox (3.6.6) = Mozilla Firefox (3.6.6)
MP3-Cutter = MP3-Cutter
MP4 to MP3 Converter 3 = MP4 to MP3 Converter 3
MSCompPackV1 = Microsoft Compression Client Pack 1.0 for Windows XP
NeroVision!UninstallKey = Nero Digital
NLSDownlevelMapping = Microsoft National Language Support Downlevel APIs
sm-un1.u32 = Ashampoo Office 2006 (C:\Programme\Ashampoo\Ashampoo Office 2006)
sm-un2.u32 = TextMaker 2006 - Additional dictionaries (C:\Programme\Ashampoo\Ashampoo Office 2006)
SuperMegaSpoof_is1 = SuperMegaSpoof 2.0
SynTPDeinstKey = Synaptics Pointing Device Driver
TeamViewer 5 = TeamViewer 5
TuneUp Utilities = TuneUp Utilities
Videora iPod Converter = Videora iPod Converter 5.04
VLC media player = VLC media player 0.9.6
Wdf01005 = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Wdf01007 = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
WIC = Windows Imaging Component
Windows Media Format Runtime = Windows Media Format 11 runtime
Windows Media Player = Windows Media Player 11
Windows XP Service Pack = Windows XP Service Pack 3
WinLiveSuite_Wave3 = Windows Live Essentials
WinRAR archiver = WinRAR Archivierer
WMFDist11 = Windows Media Format 11 runtime
wmp11 = Windows Media Player 11
Wordpool_is1 = Wordpool 2.7.7
Wudf01007 = Microsoft User-Mode Driver Framework Feature Pack 1.7
XpsEPSC = XML Paper Specification Shared Components Pack 1.0
Yahoo! Messenger = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2078853874-3116500751-1579000496-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28.06.2010 16:15:36 | Computer Name = ANGEL | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler CreateFileW(\\?\Volume{5abdd43b-4aed-11db-b4b4-806d6172696f},0xc0000000,0x00000003,...).
hr = 0x80070005.

Error - 28.06.2010 16:15:59 | Computer Name = ANGEL | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor RemovableStorageManager
aufgerufene Routine OpenNtmsSessionW ist mit Status 0x80070015 (konvertiert
in 0x800423f3) fehlgeschlagen.

Error - 28.06.2010 16:20:54 | Computer Name = ANGEL | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler CreateFileW(\\?\Volume{5abdd43b-4aed-11db-b4b4-806d6172696f},0xc0000000,0x00000003,...).
hr = 0x80070005.

Error - 28.06.2010 16:21:18 | Computer Name = ANGEL | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor RemovableStorageManager
aufgerufene Routine OpenNtmsSessionW ist mit Status 0x80070015 (konvertiert
in 0x800423f3) fehlgeschlagen.

Error - 28.06.2010 19:20:24 | Computer Name = ANGEL | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler CreateFileW(\\?\Volume{5abdd43b-4aed-11db-b4b4-806d6172696f},0xc0000000,0x00000003,...).
hr = 0x80070005.

Error - 28.06.2010 19:20:49 | Computer Name = ANGEL | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor RemovableStorageManager
aufgerufene Routine OpenNtmsSessionW ist mit Status 0x80070015 (konvertiert
in 0x800423f3) fehlgeschlagen.

Error - 28.06.2010 19:27:26 | Computer Name = ANGEL | Source = VSS | ID = 12289
Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler CreateFileW(\\?\Volume{5abdd43b-4aed-11db-b4b4-806d6172696f},0xc0000000,0x00000003,...).
hr = 0x80070005.

Error - 28.06.2010 19:28:42 | Computer Name = ANGEL | Source = VSS | ID = 5013
Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor RemovableStorageManager
aufgerufene Routine OpenNtmsSessionW ist mit Status 0x80070015 (konvertiert
in 0x800423f3) fehlgeschlagen.

Error - 30.06.2010 13:11:20 | Computer Name = ANGEL | Source = MsiInstaller | ID = 11925
Description = Produkt: Driver Detective -- Fehler 1925. Sie besitzen keine ausreichenden
Berechtigungen, um diese Installation für alle Benutzer dieses Computers auszuführen.
Melden Sie sich als Administrator an, und wiederholen Sie diese Installation.

Error - 02.07.2010 14:45:12 | Computer Name = ANGEL | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft CAPICOM 2.1.0.2 SDK -- You need to be administrative
privileges to install this product.

[ System Events ]
Error - 30.06.2010 15:10:00 | Computer Name = ANGEL | Source = DCOM | ID = 10001
Description = Ein DCOM-Server konnte nicht gestartet werden: {0590AEC3-61EF-4C31-AAED-734A4E619247}
als /. Fehler: %233 aufgetreten beim Starten dieses Befehls: C:\Programme\ASUS Security
Center\ASUS Security Protect Manager\Bin\AsGHost.exe -Embedding

Error - 30.06.2010 15:10:00 | Computer Name = ANGEL | Source = DCOM | ID = 10001
Description = Ein DCOM-Server konnte nicht gestartet werden: {0590AEC3-61EF-4C31-AAED-734A4E619247}
als /. Fehler: %233 aufgetreten beim Starten dieses Befehls: C:\Programme\ASUS Security
Center\ASUS Security Protect Manager\Bin\AsGHost.exe -Embedding

Error - 30.06.2010 15:10:09 | Computer Name = ANGEL | Source = DCOM | ID = 10001
Description = Ein DCOM-Server konnte nicht gestartet werden: {0590AEC3-61EF-4C31-AAED-734A4E619247}
als /. Fehler: %233 aufgetreten beim Starten dieses Befehls: C:\Programme\ASUS Security
Center\ASUS Security Protect Manager\Bin\AsGHost.exe -Embedding

Error - 30.06.2010 15:10:09 | Computer Name = ANGEL | Source = DCOM | ID = 10001
Description = Ein DCOM-Server konnte nicht gestartet werden: {0590AEC3-61EF-4C31-AAED-734A4E619247}
als /. Fehler: %233 aufgetreten beim Starten dieses Befehls: C:\Programme\ASUS Security
Center\ASUS Security Protect Manager\Bin\AsGHost.exe -Embedding

Error - 04.07.2010 04:05:39 | Computer Name = ANGEL | Source = MRxSmb | ID = 8003
Description = Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer EASYBOX,
der
der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3BEA5F1D-F03A-4B54-A-Transport
zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error - 04.07.2010 04:30:21 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler %1058 aufgetreten, als der Dienst upnphost
mit den Argumenten gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 04.07.2010 04:31:54 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler %1058 aufgetreten, als der Dienst upnphost
mit den Argumenten gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 04.07.2010 04:32:11 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler %1058 aufgetreten, als der Dienst upnphost
mit den Argumenten gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 04.07.2010 04:32:28 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler %1058 aufgetreten, als der Dienst upnphost
mit den Argumenten gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 04.07.2010 04:35:59 | Computer Name = ANGEL | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler %1058 aufgetreten, als

< End of report >

kasperhauser · 05.07.2010

jetzt noch die Gmer logfile

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-04 16:07:14
Windows 5.1.2600 Service Pack 3
Running: pjp6g3re.exe; Driver: C:\DOKUME~1\admin\LOKALE~1\Temp\pgtdrpow.sys

---- System - GMER 1.0.15 ----

SSDT F8B8C286 ZwCreateKey
SSDT F8B8C27C ZwCreateThread
SSDT F8B8C28B ZwDeleteKey
SSDT F8B8C295 ZwDeleteValueKey
SSDT sptd.sys ZwEnumerateKey [0xF83D0FB2]
SSDT sptd.sys ZwEnumerateValueKey [0xF83D1340]
SSDT F8B8C29A ZwLoadKey
SSDT sptd.sys ZwOpenKey [0xF83CB0B0]
SSDT F8B8C268 ZwOpenProcess
SSDT F8B8C26D ZwOpenThread
SSDT sptd.sys ZwQueryKey [0xF83D1418]
SSDT sptd.sys ZwQueryValueKey [0xF83D1298]
SSDT F8B8C2A4 ZwReplaceKey
SSDT F8B8C29F ZwRestoreKey
SSDT F8B8C290 ZwSetValueKey

---- Kernel code sections - GMER 1.0.15 ----

? C:\WINDOWS\system32\drivers\sptd.sys Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
.text USBPORT.SYS!DllUnload F498A8AC 5 Bytes JMP 82D371C8

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F83CBAD4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F83CBC1A] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F83CBB9C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F83CC748] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F83CC61E] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F83E129A] sptd.sys

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 82FD91E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E7505E47-8509-4140-BAAE-A8704B669F6C} 823FD1E8

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\usbuhci \Device\USBPDO-0 82D61790
Device \Driver\dmio \Device\DmControl\DmIoDaemon 82F6C1E8
Device \Driver\dmio \Device\DmControl\DmConfig 82F6C1E8
Device \Driver\dmio \Device\DmControl\DmPnP 82F6C1E8
Device \Driver\dmio \Device\DmControl\DmInfo 82F6C1E8
Device \Driver\usbuhci \Device\USBPDO-1 82D61790
Device \Driver\usbehci \Device\USBPDO-2 82D32790
Device \Driver\usbuhci \Device\USBPDO-3 82D61790
Device \Driver\usbuhci \Device\USBPDO-4 82D61790
Device \Driver\Ftdisk \Device\HarddiskVolume1 82FDB1E8
Device \Driver\Cdrom \Device\CdRom0 82E281E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F8300B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 [F8300B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 [F8300B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort2 [F8300B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F8300B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\NetBT \Device\NetBt_Wins_Export 823FD1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{3BEA5F1D-F03A-4B54-AAEE-CA86F34A1CA6} 823FD1E8
Device \Driver\NetBT \Device\NetbiosSmb 823FD1E8
Device \Driver\usbuhci \Device\USBFDO-0 82D61790
Device \Driver\usbuhci \Device\USBFDO-1 82D61790
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8229F1E8
Device \Driver\usbuhci \Device\USBFDO-2 82D61790
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8229F1E8
Device \Driver\usbuhci \Device\USBFDO-3 82D61790
Device \Driver\usbehci \Device\USBFDO-4 82D32790
Device \Driver\Ftdisk \Device\FtControl 82FDB1E8
Device \FileSystem\Cdfs \Cdfs 8222D1E8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd106a1b (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd106a1b@0012ee713bb8 0x56 0xFC 0x5A 0xDE ...
Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd106a1b@001247645f93 0x4B 0x6B 0xAE 0x22 ...
Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\0009dd106a1b@001262d463ae 0x34 0x6F 0x12 0x92 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x03 0xB6 0x41 0xBC ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd106a1b
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd106a1b@0012ee713bb8 0x56 0xFC 0x5A 0xDE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd106a1b@0025474b248d 0x4D 0x54 0xE4 0x2E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd106a1b@001de9644c7e 0x54 0x82 0xB3 0xBE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x03 0xB6 0x41 0xBC ...
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\0009dd106a1b (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\0009dd106a1b@0012ee713bb8 0x56 0xFC 0x5A 0xDE ...
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\0009dd106a1b@0025474b248d 0x4D 0x54 0xE4 0x2E ...
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\0009dd106a1b@001de9644c7e 0x54 0x82 0xB3 0xBE ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x03 0xB6 0x41 0xBC ...

---- EOF - GMER 1.0.15 ----

kasperhauser · 05.07.2010

so jetzt habe ich alle logfiles drinnen, ist doch ein wenig mehr geworden.
ich danke euch schon mal für die mühen und die hilfe :1

die startmelodie stotter und...

kasperhauser

balsam60

PCDpan_fee

kasperhauser

kasperhauser

PCDpan_fee

schrauber

kasperhauser

eos

kasperhauser

PCDpan_fee

kasperhauser

kasperhauser

kasperhauser

kasperhauser

kasperhauser

kasperhauser

kasperhauser

kasperhauser

kasperhauser

die startmelodie stotter und...

ANGEBOTE & SPONSOREN

Neueste Themen

Statistik des Forums