Trojaner-Board > Remove malware > Pests of all kinds and how to fight them

Pests of all kinds and how to fight them: Trojan.Agent found with Malwarebytes


11.02.2011, 22:44   #1
Werft

Trojan.Agent found with Malwarebytes



OSAM:

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 22:36:20 on 11.02.2011

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Boot Execute]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )-----
"BootExecute" - "O&O Software GmbH" - C:\WINDOWS\system32\OODBS.exe

[Common]
-----( %SystemRoot%\Tasks )-----
"FRU Task #Hewlett-Packard#hp psc 1200 series#1156859866.job" - ? - C:\Programme\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Symantec NetDetect.job" - "Symantec Corporation" - C:\Programme\Symantec\LiveUpdate\NDETECT.EXE

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"NeroBurnRights.cpl" - "Ahead Software AG" - C:\WINDOWS\system32\NeroBurnRights.cpl
"wuaucpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal" - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"QuickTime" - "Apple Computer, Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
"SYMLIVE" - "Symantec Corporation" - C:\Programme\Symantec\LiveUpdate\S32LUCP1.CPL

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ACEDRV07" (ACEDRV07) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV07.sys
"AFS2k" (AFS2K) - "Oak Technology Inc." - C:\WINDOWS\system32\drivers\AFS2K.sys
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\Cofi\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"GEARAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"InterCheck Control" (InterCheck Control) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntdrv5.sys
"InterCheck Filter" (InterCheck Filter) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntflt5.sys
"InterCheck Support 01" (InterCheck Support 01) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst01.sys
"InterCheck Support 02" (InterCheck Support 02) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst02.sys
"InterCheck Support 03" (InterCheck Support 03) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst03.sys
"InterCheck Support 04" (InterCheck Support 04) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst04.sys
"InterCheck Support 05" (InterCheck Support 05) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst05.sys
"InterCheck Support 06" (InterCheck Support 06) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst06.sys
"InterCheck Support 07" (InterCheck Support 07) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst07.sys
"InterCheck Support 08" (InterCheck Support 08) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst08.sys
"InterCheck Support 09" (InterCheck Support 09) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst09.sys
"InterCheck Support 10" (InterCheck Support 10) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst10.sys
"InterCheck Support 11" (InterCheck Support 11) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst11.sys
"InterCheck Support 12" (InterCheck Support 12) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\icntst12.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"NSNDIS5 NDIS Protocol Driver" (NSNDIS5) - ? - C:\WINDOWS\system32\NSNDIS5.SYS  (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"TAP VPN Adapter" (tapvpn) - "The OpenVPN Project" - C:\WINDOWS\System32\DRIVERS\tapvpn.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{5F327514-6C5E-4d60-8F16-D07FA08A78ED} "Auto Update Property Sheet Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "ICQ Lite Shell Extension" - ? -   (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Computer, Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} "Microsoft Browser Architecture" - ? -   (File not found | COM-object registry key not found)
{59850401-6664-101B-B21C-00AA004BA90B} "Microsoft Office Binder Unbind" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office\1031\UNBIND.DLL
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} "OODShellExtObj Class" - "O&O Software GmbH" - C:\PROGRA~1\OOSOFT~1\Defrag\oodsh.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)
{E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing LP" - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing LP" - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing LP" - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing LP" - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{F81D52BF-F2F1-4F49-BF5F-05664E803039} "Flash" - "UnH Solutions" - C:\Programme\UnH Solutions\Flash Saving Plugin\FlashSButton.dll
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "EPSON Web-To-Page" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" - ? -   (File not found | COM-object registry key not found)
<binary data> "{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}" - ? -   (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{472734EA-242A-422b-ADF8-83D1E48CC825} "{472734EA-242A-422b-ADF8-83D1E48CC825}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} "DivXBrowserPlugin Object" - "DivX,Inc." - C:\Programme\DivX\DivX Web Player\npdivx32.dll / hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
{0CCA191D-13A6-4E29-B746-314DEE697D83} "Facebook Photo Uploader 5 Control" - "The Facebook" - C:\WINDOWS\Downloaded Program Files\PhotoUploader5.ocx / hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
{8100D56A-5661-482C-BEE8-AFECE305D968} "Facebook Photo Uploader 5 Control" - "The Facebook" - C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx / hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
{AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4} "IPSUploader4 Control" - "IP Labs GmbH - Germany" - C:\WINDOWS\Downloaded Program Files\IPSUploader.ocx / hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_23" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_23.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} "Java Plug-in 1.6.0_23" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_23.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_23" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_23.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} "MSN Photo Upload Tool" - "Microsoft® Corporation" - C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll / hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} "QuickTime Object" - "Apple Computer, Inc." - C:\Programme\QuickTime\QTPlugin.ocx / hxxp://www.apple.com/qtactivex/qtplugin.cab
{166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Adobe\Director\SwDir.dll / hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
{3D3B42C2-11BF-4732-A304-A01384B70D68} "UploadListView Class" - "Google, Inc." - C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UploaderX.dll / hxxp://picasaweb.google.ca/s/v/56.20/uploader2.cab
{474F00F5-3853-492C-AC3A-476512BBC336} "UploadListView Class" - ? - C:\WINDOWS\Downloaded Program Files\UploaderX.dll / hxxp://picasaweb.google.com/s/v/48.11/uploader2.cab
{32C3FEAE-0877-4767-8C20-62A5829A0945} "{32C3FEAE-0877-4767-8C20-62A5829A0945}" - ? -   (File not found | COM-object registry key not found) / hxxp://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"ICQ6" - "ICQ, LLC." - C:\Programme\ICQ6.5\ICQ.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "EPSON Web-To-Page" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} "EpsonToolBandKicker Class" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
{D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} "GMX Browser Configuration by mquadr.at" - "mquadr.at softwareengineering und consulting gmbh" - C:\WINDOWS\system32\ieconfig_1und1.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"swg" - "Google Inc." - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ATIPTA" - "ATI Technologies, Inc." - C:\ATI-CPanel\atiptaxx.exe
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"EPSON Stylus C66 Series" - "SEIKO EPSON CORPORATION" - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O6 "USB001" /M "Stylus C66"
"NeroFilterCheck" - "Ahead Software Gmbh" - C:\WINDOWS\system32\NeroCheck.exe
"OODefragTray" - "O&O Software GmbH" - C:\Programme\OO Software\Defrag\oodtray.exe
"PDFPrint" - "Geek Software GmbH" - C:\Programme\PDF24\pdf24.exe
"QuickTime Task" - "Apple Computer, Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
"TkBellExe" - "RealNetworks, Inc." - "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe"  -osboot
"WinampAgent" - "Nullsoft, Inc." - C:\Programme\Winamp\winampa.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PrimoMon" - ? - C:\WINDOWS\system32\Primomonnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll  (File not found)
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - ? - C:\MAGIX\Common\Database\bin\fbserver.exe  (File not found)
"getPlus(R) Helper" (getPlusHelper) - ? - C:\Programme\NOS\bin\getPlus_Helper.dll  (File not found)
"Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
"iPodService" (iPodService) - "Apple Computer, Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"O&O Defrag" (OODefragAgent) - "O&O Software GmbH" - C:\Programme\OO Software\Defrag\oodag.exe
"Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
"Sophos Anti-Virus" (SWEEPSRV.SYS) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\SWEEPSRV.SYS
"Sophos Anti-Virus Network" (SweepNet) - "Sophos Plc" - C:\Programme\Sophos SWEEP for NT\SWNETSUP.EXE
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll  (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---


MBRCheck:
Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows XP Home Edition
Windows Information:		Service Pack 3 (build 2600)
Logical Drives Mask:		0x0000000c

Kernel Drivers (total 125):
  0x804D7000 \WINDOWS\system32\ntoskrnl.exe
  0x806EF000 \WINDOWS\system32\hal.dll
  0xF79AE000 \WINDOWS\system32\KDCOM.DLL
  0xF78BE000 \WINDOWS\system32\BOOTVID.dll
  0xF74AE000 irpsr.sys
  0xF745E000 ACPI.sys
  0xF79B0000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
  0xF744D000 pci.sys
  0xF74BE000 isapnp.sys
  0xF74CE000 ohci1394.sys
  0xF74DE000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
  0xF78C2000 compbatt.sys
  0xF78C6000 \WINDOWS\system32\DRIVERS\BATTC.SYS
  0xF7A76000 pciide.sys
  0xF772E000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
  0xF742F000 pcmcia.sys
  0xF74EE000 MountMgr.sys
  0xF7410000 ftdisk.sys
  0xF78CA000 ACPIEC.sys
  0xF7A77000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
  0xF7736000 PartMgr.sys
  0xF74FE000 VolSnap.sys
  0xF73F8000 atapi.sys
  0xF735E000 tffsport.sys
  0xF7346000 \WINDOWS\system32\drivers\SCSIPORT.SYS
  0xF751E000 disk.sys
  0xF752E000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
  0xF7326000 fltmgr.sys
  0xF7314000 sr.sys
  0xF753E000 PxHelp20.sys
  0xF72FD000 KSecDD.sys
  0xF72EA000 WudfPf.sys
  0xF725D000 Ntfs.sys
  0xF7230000 NDIS.sys
  0xF7216000 Mup.sys
  0xF754E000 agp440.sys
  0xF750E000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0xF6D48000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
  0xF6D34000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
  0xF77BE000 \SystemRoot\system32\DRIVERS\usbuhci.sys
  0xF6D10000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0xF77C6000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0xF757E000 \SystemRoot\system32\DRIVERS\nic1394.sys
  0xF6CFE000 \SystemRoot\system32\DRIVERS\Rtlnicxp.sys
  0xF6CCF000 \SystemRoot\system32\drivers\o2mmb.sys
  0xF6AB1000 \SystemRoot\system32\DRIVERS\w29n51.sys
  0xF758E000 \SystemRoot\system32\DRIVERS\i8042prt.sys
  0xF77CE000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0xF6A84000 \SystemRoot\system32\DRIVERS\SynTP.sys
  0xF79CE000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0xF77D6000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0xF759E000 \SystemRoot\system32\DRIVERS\imapi.sys
  0xF75AE000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0xF75BE000 \SystemRoot\system32\DRIVERS\redbook.sys
  0xF6A61000 \SystemRoot\system32\DRIVERS\ks.sys
  0xF6A3A000 \SystemRoot\system32\drivers\vinyl97.sys
  0xF6A16000 \SystemRoot\system32\drivers\portcls.sys
  0xF75CE000 \SystemRoot\system32\drivers\drmk.sys
  0xF7992000 \SystemRoot\system32\DRIVERS\CmBatt.sys
  0xF7AAE000 \SystemRoot\system32\DRIVERS\audstub.sys
  0xF75DE000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0xF7996000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0xF69D7000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0xF75EE000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0xF75FE000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0xF77DE000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0xF69C6000 \SystemRoot\system32\DRIVERS\psched.sys
  0xF760E000 \SystemRoot\system32\DRIVERS\msgpc.sys
  0xF77E6000 \SystemRoot\system32\DRIVERS\ptilink.sys
  0xF77EE000 \SystemRoot\system32\DRIVERS\raspti.sys
  0xF761E000 \SystemRoot\system32\DRIVERS\tapvpn.sys
  0xF762E000 \SystemRoot\system32\DRIVERS\termdd.sys
  0xF79D0000 \SystemRoot\system32\DRIVERS\swenum.sys
  0xF6968000 \SystemRoot\system32\DRIVERS\update.sys
  0xF79A6000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0xF763E000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0xF6E8A000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0xF6E7A000 \SystemRoot\System32\Drivers\AFS2K.SYS
  0xF79D2000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
  0xF7B03000 \SystemRoot\System32\Drivers\Null.SYS
  0xF79D4000 \SystemRoot\System32\Drivers\Beep.SYS
  0xF780E000 \SystemRoot\System32\drivers\vga.sys
  0xF79D6000 \SystemRoot\System32\Drivers\mnmdd.SYS
  0xF79D8000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0xF7816000 \SystemRoot\System32\Drivers\Msfs.SYS
  0xF781E000 \SystemRoot\System32\Drivers\Npfs.SYS
  0xF71D6000 \SystemRoot\system32\DRIVERS\rasacd.sys
  0xAA7CD000 \SystemRoot\system32\DRIVERS\ipsec.sys
  0xAA774000 \SystemRoot\system32\DRIVERS\tcpip.sys
  0xAA74C000 \SystemRoot\system32\DRIVERS\netbt.sys
  0xAA72A000 \SystemRoot\System32\drivers\afd.sys
  0xF6E6A000 \SystemRoot\system32\DRIVERS\netbios.sys
  0xF7826000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
  0xAA65F000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0xAA5EF000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0xF6E5A000 \SystemRoot\System32\Drivers\Fips.SYS
  0xAA5C9000 \SystemRoot\system32\DRIVERS\ipnat.sys
  0xF6E4A000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0xF6E3A000 \SystemRoot\system32\DRIVERS\arp1394.sys
  0xAA5A3000 \SystemRoot\system32\DRIVERS\avipbb.sys
  0xF79DC000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
  0xF765E000 \SystemRoot\System32\Drivers\Cdfs.SYS
  0xAA563000 \SystemRoot\System32\Drivers\dump_atapi.sys
  0xF79E6000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
  0xBF800000 \SystemRoot\System32\win32k.sys
  0xF6A06000 \SystemRoot\System32\drivers\Dxapi.sys
  0xF7856000 \SystemRoot\System32\watchdog.sys
  0xBF000000 \SystemRoot\System32\drivers\dxg.sys
  0xF7B17000 \SystemRoot\System32\drivers\dxgthk.sys
  0xBF012000 \SystemRoot\System32\ati2dvag.dll
  0xBF049000 \SystemRoot\System32\ati2cqag.dll
  0xBF081000 \SystemRoot\System32\ati3duag.dll
  0xBF290000 \SystemRoot\System32\ativvaxx.dll
  0xBF30F000 \SystemRoot\System32\ATMFD.DLL
  0xAA436000 \SystemRoot\system32\DRIVERS\avgntflt.sys
  0xAA3AC000 \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys
  0xAA388000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0xAA127000 \SystemRoot\system32\DRIVERS\mrxdav.sys
  0xAA04A000 \SystemRoot\system32\drivers\wdmaud.sys
  0xAA234000 \SystemRoot\system32\drivers\sysaudio.sys
  0xA9C2C000 \SystemRoot\system32\DRIVERS\srv.sys
  0xF779E000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
  0xA964B000 \SystemRoot\System32\Drivers\HTTP.sys
  0xA92AD000 \SystemRoot\system32\drivers\kmixer.sys
  0x7C910000 \WINDOWS\system32\ntdll.dll

Processes (total 42):
       0 System Idle Process
       4 System
     776 C:\WINDOWS\system32\smss.exe
     856 csrss.exe
     884 C:\WINDOWS\system32\winlogon.exe
     928 C:\WINDOWS\system32\services.exe
     940 C:\WINDOWS\system32\lsass.exe
    1104 C:\WINDOWS\system32\ati2evxx.exe
    1120 C:\WINDOWS\system32\svchost.exe
    1188 svchost.exe
    1284 C:\WINDOWS\system32\svchost.exe
    1320 C:\WINDOWS\system32\svchost.exe
    1456 svchost.exe
    1516 svchost.exe
    1788 C:\WINDOWS\system32\spoolsv.exe
    1836 C:\Programme\Avira\AntiVir Desktop\sched.exe
    1904 svchost.exe
     428 C:\WINDOWS\system32\ati2evxx.exe
     524 C:\WINDOWS\explorer.exe
     696 C:\Programme\Synaptics\SynTP\SynTPLpr.exe
     708 C:\Programme\Synaptics\SynTP\SynTPEnh.exe
     816 C:\ATI-CPanel\atiptaxx.exe
     852 C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S4I0S2.EXE
     864 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
    1248 C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
    1268 C:\Programme\Avira\AntiVir Desktop\avguard.exe
    1472 C:\Programme\Java\jre6\bin\jqs.exe
    1544 C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
    1588 C:\Programme\Avira\AntiVir Desktop\avshadow.exe
    1716 C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
    1908 C:\Programme\PDF24\pdf24.exe
    1052 C:\Programme\Winamp\winampa.exe
     984 C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
     136 C:\Programme\OO Software\Defrag\oodag.exe
     620 C:\WINDOWS\system32\svchost.exe
     804 C:\Programme\Sophos SWEEP for NT\SWNETSUP.EXE
    3428 alg.exe
    3412 C:\Programme\Internet Explorer\iexplore.exe
    3860 C:\WINDOWS\system32\ctfmon.exe
    3932 C:\Programme\Internet Explorer\iexplore.exe
    2212 C:\Programme\Internet Explorer\iexplore.exe
     144 C:\Dokumente und Einstellungen\***\Eigene Dateien\Codecs\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00  (NTFS)

PhysicalDrive0 Model Number: SAMSUNGMP0804H, Rev: UE100-14

      Size  Device Name          MBR Status
  --------------------------------------------
     74 GB  \\.\PhysicalDrive0   Windows XP MBR code detected
            SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11


Done!
