ok. hier das neue osam-log

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 16:11:37 on 07.04.2011
OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.16

Scanner Settings
Rootkits detection (hidden registry)
Rootkits detection (hidden files)
Retrieve files information
Check Microsoft signatures

Filters
Trusted entries
Empty entries
Hidden registry entries (rootkit activity)
Exclusively opened files
Not found files
Files without detailed information
Existing files
Non-startable services
Non-startable drivers
Active entries
Disabled entries

Risk Name Publisher Full Path Status
Control Panel Objects
%SystemRoot%\system32
|||||| "bdeadmin.cpl" C:\WINDOWS\system32\bdeadmin.cpl File exists
|||||| "BrnStiCp.cpl" "Brother Industries,Ltd." C:\WINDOWS\system32\BrnStiCp.cpl File exists
|||||| "DivXControlPanelApplet.cpl" "DivX, Inc." C:\WINDOWS\system32\DivXControlPanelApplet.cpl File exists
|||||| "infocardcpl.cpl" "Microsoft Corporation" C:\WINDOWS\system32\infocardcpl.cpl File exists
|||||| "javacpl.cpl" "Sun Microsystems, Inc." C:\WINDOWS\system32\javacpl.cpl File exists
|||||| "nvcpl.cpl" "NVIDIA Corporation" C:\WINDOWS\system32\nvcpl.cpl File exists
|||||| "nvtuicpl.cpl" "NVIDIA Corporation" C:\WINDOWS\system32\nvtuicpl.cpl File exists
|||||| "PhysX.cpl" C:\WINDOWS\system32\PhysX.cpl File exists
"SERVICE.CPL" "Davilex Software bv" C:\WINDOWS\system32\SERVICE.CPL File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls
|||||| "Avira AntiVir Personal" "Avira GmbH" C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl File exists
|||||| "Avira AntiVir Personal - Free Antivirus " "Avira GmbH" C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl File exists
Drivers
HKLM\SYSTEM\CurrentControlSet\Services
|||||| "atksgt" (atksgt) C:\WINDOWS\System32\DRIVERS\atksgt.sys File found, but it contains no detailed information
|||||| "avgio" (avgio) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\avgio.sys File exists
|||||| "avgntflt" (avgntflt) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\avgntflt.sys File exists
|||||| "avipbb" (avipbb) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\avipbb.sys File exists
|||||| "Bluetooth Audio Device (WDM) from TOSHIBA" (TosRfSnd) "TOSHIBA Corporation" C:\WINDOWS\System32\drivers\TosRfSnd.sys File exists
|||||| "Bluetooth Personal Area Network from TOSHIBA" (tosrfnds) "TOSHIBA Corporation." C:\WINDOWS\System32\DRIVERS\tosrfnds.sys File exists
|||||| "Bluetooth Port Driver from Toshiba" (tosporte) "TOSHIBA Corporation" C:\WINDOWS\System32\DRIVERS\tosporte.sys File exists
|||||| "Bluetooth RFBNEP from TOSHIBA" (Tosrfbnp) "TOSHIBA Corporation" C:\WINDOWS\System32\Drivers\tosrfbnp.sys File exists
|||||| "Bluetooth RFBUS from TOSHIBA" (Tosrfbd) "TOSHIBA CORPORATION" C:\WINDOWS\System32\Drivers\tosrfbd.sys File exists
|||||| "Bluetooth RFCOMM from TOSHIBA" (Tosrfcom) "TOSHIBA Corporation" C:\WINDOWS\System32\Drivers\tosrfcom.sys File exists
|||||| "Bluetooth RFHID from TOSHIBA" (Tosrfhid) "TOSHIBA Corporation." C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys File exists
|||||| "Bluetooth USB Controller" (Tosrfusb) "TOSHIBA CORPORATION" C:\WINDOWS\System32\Drivers\tosrfusb.sys File exists
|||||| "Brother USB Still Image driver" (BrScnUsb) "Brother Industries Ltd." C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys File exists
"catchme" (catchme) C:\DOKUME~1\Ich\LOKALE~1\Temp\catchme.sys File not found
|||||| "Cdr4_xp" (Cdr4_xp) "Sonic Solutions" C:\WINDOWS\system32\drivers\Cdr4_xp.sys File exists
|||||| "Cdralw2k" (Cdralw2k) "Sonic Solutions" C:\WINDOWS\system32\drivers\Cdralw2k.sys File exists
"Changer" (Changer) C:\WINDOWS\system32\drivers\Changer.sys File not found
|||||| "d347bus" (d347bus) " " C:\WINDOWS\System32\DRIVERS\d347bus.sys File exists
|||||| "d347prt" (d347prt) " " C:\WINDOWS\System32\Drivers\d347prt.sys File exists
|||||| "DAEMON Tools Virtual Bus Driver" (dtsoftbus01) "DT Soft Ltd" C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys File exists
"dump_wmimmc" (dump_wmimmc) C:\Games\gunz\GameGuard\dump_wmimmc.sys File not found
|||||| "FsUsbExDisk" (FsUsbExDisk) C:\WINDOWS\system32\FsUsbExDisk.SYS File found, but it contains no detailed information
|||||| "giveio" (giveio) C:\WINDOWS\System32\giveio.sys File found, but it contains no detailed information
|||||| "Hamachi Network Interface" (hamachi) "LogMeIn, Inc." C:\WINDOWS\System32\DRIVERS\hamachi.sys File exists
"i2omgmt" (i2omgmt) C:\WINDOWS\system32\drivers\i2omgmt.sys File not found
"lbrtfdc" (lbrtfdc) C:\WINDOWS\system32\drivers\lbrtfdc.sys File not found
|||||| "lirsgt" (lirsgt) C:\WINDOWS\System32\DRIVERS\lirsgt.sys File found, but it contains no detailed information
|||||| "MS1000" (MS1000) C:\WINDOWS\System32\DRIVERS\MS1000.sys File found, but it contains no detailed information
|||||| "NPPTNT2" (NPPTNT2) "INCA Internet Co., Ltd." C:\WINDOWS\system32\npptNT2.sys File exists
"PCIDump" (PCIDump) C:\WINDOWS\system32\drivers\PCIDump.sys File not found
"PDCOMP" (PDCOMP) C:\WINDOWS\system32\drivers\PDCOMP.sys File not found
"PDFRAME" (PDFRAME) C:\WINDOWS\system32\drivers\PDFRAME.sys File not found
"PDRELI" (PDRELI) C:\WINDOWS\system32\drivers\PDRELI.sys File not found
"PDRFRAME" (PDRFRAME) C:\WINDOWS\system32\drivers\PDRFRAME.sys File not found
|||||| "PxHelp20" (PxHelp20) "Sonic Solutions" C:\WINDOWS\System32\Drivers\PxHelp20.sys File exists
|||||| "speedfan" (speedfan) "Windows (R) 2000 DDK provider" C:\WINDOWS\System32\speedfan.sys File exists
|||||| "ssmdrv" (ssmdrv) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\ssmdrv.sys File exists
|||||| "StarForce Protection Environment Driver (version 1.x)" (sfdrv01) "Protection Technology" C:\WINDOWS\System32\drivers\sfdrv01.sys File exists
|||||| "StarForce Protection Environment Driver (version 1.x.a)" (sfdrv01a) "Protection Technology (StarForce)" C:\WINDOWS\System32\drivers\sfdrv01a.sys File exists
|||||| "StarForce Protection Helper Driver (version 2.x)" (sfhlp02) "Protection Technology (StarForce)" C:\WINDOWS\System32\drivers\sfhlp02.sys File exists
|||||| "StarForce Protection VFS Driver (version 2.x)" (sfvfs02) "Protection Technology" C:\WINDOWS\System32\drivers\sfvfs02.sys File exists
|||||| "SVKP" (SVKP) "AntiCracking" C:\WINDOWS\System32\SVKP.sys File exists
|||||| "TOSHIBA Bluetooth HID port driver" (toshidpt) "TOSHIBA Corporation." C:\WINDOWS\System32\drivers\Toshidpt.sys File exists
"WDICA" (WDICA) C:\WINDOWS\system32\drivers\WDICA.sys File not found
"EagleXNt" (EagleXNt) C:\WINDOWS\system32\drivers\EagleXNt.sys File not found
"gUSBSTOi" (gUSBSTOi) C:\DOKUME~1\Ich\LOKALE~1\Temp\gUSBSTOi.sys File not found
"XDva384" (XDva384) C:\WINDOWS\system32\XDva384.sys File not found
"XDva385" (XDva385) C:\WINDOWS\system32\XDva385.sys File not found
Explorer
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
|||||| {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" "Microsoft Corporation" c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install File exists
HKLM\Software\Classes\Folder\shellex\ColumnHandlers
|||||| {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" "Adobe Systems, Inc." C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll File exists
HKLM\Software\Classes\Protocols\Filter
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" deskpan.dll File not found
|||||| {1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
|||||| {1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" File not found | COM-object registry key not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" File not found | COM-object registry key not found
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" File not found | COM-object registry key not found
|||||| {78237F62-8EC8-438C-83B0-1DECB4303076} "My Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {B0FAF2DA-13EA-41CA-A62F-850DC01D1C01} "My Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
|||||| {3B153CB3-A551-4fe6-A68B-F5C96650FF39} "Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {A02DEEEB-DD87-4a4f-8F2E-B633A59BA18A} "Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\shlext.dll File exists
|||||| {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" "Microsoft Corporation" c:\WINDOWS\system32\dfshim.dll File exists
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" File not found | COM-object registry key not found
|||||| {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" "Microsoft Corporation" c:\WINDOWS\system32\dfshim.dll File exists
|||||| {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" C:\Programme\WinRAR\rarext.dll File exists
Internet Explorer
HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars
{32683183-48a0-441b-a342-7c2a440a9478} "{32683183-48a0-441b-a342-7c2a440a9478}" File not found | COM-object registry key not found
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
ITBar7Height "ITBar7Height" File not found | COM-object registry key not found
"ITBar7Layout" File not found | COM-object registry key not found
"ITBarLayout" File not found | COM-object registry key not found
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units
|||| {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||| {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||| {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||||| {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object"
hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab "Adobe Systems, Inc." C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx File exists
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
|||||| {53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" "Safer Networking Limited" C:\PROGRA~1\SPYBOT~1\SDHelper.dll File exists
|||| "ICQ7.2" "ICQ, LLC." C:\Programme\ICQ7.2\ICQ.exe File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
|||||| {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" "Adobe Systems Incorporated" C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll File exists
|||| {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\jp2ssv.dll File exists
|||| {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" "Sun Microsystems, Inc." C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File exists
|||||| {53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" "Safer Networking Limited" C:\PROGRA~1\SPYBOT~1\SDHelper.dll File exists
Logon
%AllUsersProfile%\Startmenü\Programme\Autostart
|||||| "desktop.ini" C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini File exists
|| "Printkey2000.lnk" "Fred's Software" C:\Programme\PrintKey2000\Printkey2000.exe Shortcut exists | File exists
%UserProfile%\Startmenü\Programme\Autostart
|||||| "desktop.ini" C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Autostart\desktop.ini File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
|||| "Adobe Reader Speed Launcher" "Adobe Systems Incorporated" "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" File exists
|||||| "avgnt" "Avira GmbH" "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min File exists
Print Monitors
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
|||||| "Canon BJ Language Monitor PIXMA iP1500" "CANON INC." C:\WINDOWS\system32\CNMLM5y.DLL File exists
Services
HKLM\SYSTEM\CurrentControlSet\Services
|||||| ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe File exists
"Anwendungsverwaltung" (AppMgmt) C:\WINDOWS\System32\appmgmts.dll File not found
|||||| "ASP.NET-Zustandsdienst" (aspnet_state) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe File exists
|||||| "Avira AntiVir Guard" (AntiVirService) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\avguard.exe File exists
|||||| "Avira AntiVir Planer" (AntiVirSchedulerService) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\sched.exe File exists
|| "ICQ Service" (ICQ Service) C:\Programme\ICQ6Toolbar\ICQ Service.exe File exists
|||| "InstallDriver Table Manager" (IDriverT) "Macrovision Corporation" C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe File exists
|||||| "Java Quick Starter" (JavaQuickStarterService) "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\jqs.exe File exists
"nProtect GameGuard Service" (npggsvc) "INCA Internet Co., Ltd." C:\WINDOWS\system32\GameMon.des File exists
|||||| "Private Folder Service" (prfldsvc) C:\Programme\Microsoft Private Folder 1.0\PrfldSvc.exe File found, but it contains no detailed information
|||||| "Windows CardSpace" (idsvc) "Microsoft Corporation" c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe File exists
|||||| "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) "Microsoft Corporation" c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe File exists
Winlogon
HKCU\Control Panel\IOProcs
"MVB" mvfs32.dll File not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" appmgmts.dll File not found

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Zitat:

"EagleXNt" (EagleXNt) C:\WINDOWS\system32\drivers\EagleXNt.sys File not found
"gUSBSTOi" (gUSBSTOi) C:\DOKUME~1\Ich\LOKALE~1\Temp\gUSBSTOi.sys File not found
"XDva384" (XDva384) C:\WINDOWS\system32\XDva384.sys File not found
"XDva385" (XDva385) C:\WINDOWS\system32\XDva385.sys File not found

Die sind da immer noch!

oh sorry ^^


Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 17:11:11 on 07.04.2011
OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.16

Scanner Settings
Rootkits detection (hidden registry)
Rootkits detection (hidden files)
Retrieve files information
Check Microsoft signatures

Filters
Trusted entries
Empty entries
Hidden registry entries (rootkit activity)
Exclusively opened files
Not found files
Files without detailed information
Existing files
Non-startable services
Non-startable drivers
Active entries
Disabled entries

Risk Name Publisher Full Path Status
Control Panel Objects
%SystemRoot%\system32
|||||| "bdeadmin.cpl" C:\WINDOWS\system32\bdeadmin.cpl File exists
|||||| "BrnStiCp.cpl" "Brother Industries,Ltd." C:\WINDOWS\system32\BrnStiCp.cpl File exists
|||||| "DivXControlPanelApplet.cpl" "DivX, Inc." C:\WINDOWS\system32\DivXControlPanelApplet.cpl File exists
|||||| "infocardcpl.cpl" "Microsoft Corporation" C:\WINDOWS\system32\infocardcpl.cpl File exists
|||||| "javacpl.cpl" "Sun Microsystems, Inc." C:\WINDOWS\system32\javacpl.cpl File exists
|||||| "nvcpl.cpl" "NVIDIA Corporation" C:\WINDOWS\system32\nvcpl.cpl File exists
|||||| "nvtuicpl.cpl" "NVIDIA Corporation" C:\WINDOWS\system32\nvtuicpl.cpl File exists
|||||| "PhysX.cpl" C:\WINDOWS\system32\PhysX.cpl File exists
"SERVICE.CPL" "Davilex Software bv" C:\WINDOWS\system32\SERVICE.CPL File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls
|||||| "Avira AntiVir Personal" "Avira GmbH" C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl File exists
|||||| "Avira AntiVir Personal - Free Antivirus " "Avira GmbH" C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl File exists
Drivers
HKLM\SYSTEM\CurrentControlSet\Services
|||||| "atksgt" (atksgt) C:\WINDOWS\System32\DRIVERS\atksgt.sys File found, but it contains no detailed information
|||||| "avgio" (avgio) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\avgio.sys File exists
|||||| "avgntflt" (avgntflt) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\avgntflt.sys File exists
|||||| "avipbb" (avipbb) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\avipbb.sys File exists
|||||| "Bluetooth Audio Device (WDM) from TOSHIBA" (TosRfSnd) "TOSHIBA Corporation" C:\WINDOWS\System32\drivers\TosRfSnd.sys File exists
|||||| "Bluetooth Personal Area Network from TOSHIBA" (tosrfnds) "TOSHIBA Corporation." C:\WINDOWS\System32\DRIVERS\tosrfnds.sys File exists
|||||| "Bluetooth Port Driver from Toshiba" (tosporte) "TOSHIBA Corporation" C:\WINDOWS\System32\DRIVERS\tosporte.sys File exists
|||||| "Bluetooth RFBNEP from TOSHIBA" (Tosrfbnp) "TOSHIBA Corporation" C:\WINDOWS\System32\Drivers\tosrfbnp.sys File exists
|||||| "Bluetooth RFBUS from TOSHIBA" (Tosrfbd) "TOSHIBA CORPORATION" C:\WINDOWS\System32\Drivers\tosrfbd.sys File exists
|||||| "Bluetooth RFCOMM from TOSHIBA" (Tosrfcom) "TOSHIBA Corporation" C:\WINDOWS\System32\Drivers\tosrfcom.sys File exists
|||||| "Bluetooth RFHID from TOSHIBA" (Tosrfhid) "TOSHIBA Corporation." C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys File exists
|||||| "Bluetooth USB Controller" (Tosrfusb) "TOSHIBA CORPORATION" C:\WINDOWS\System32\Drivers\tosrfusb.sys File exists
|||||| "Brother USB Still Image driver" (BrScnUsb) "Brother Industries Ltd." C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys File exists
"catchme" (catchme) C:\DOKUME~1\Ich\LOKALE~1\Temp\catchme.sys File not found
|||||| "Cdr4_xp" (Cdr4_xp) "Sonic Solutions" C:\WINDOWS\system32\drivers\Cdr4_xp.sys File exists
|||||| "Cdralw2k" (Cdralw2k) "Sonic Solutions" C:\WINDOWS\system32\drivers\Cdralw2k.sys File exists
"Changer" (Changer) C:\WINDOWS\system32\drivers\Changer.sys File not found
|||||| "d347bus" (d347bus) " " C:\WINDOWS\System32\DRIVERS\d347bus.sys File exists
|||||| "d347prt" (d347prt) " " C:\WINDOWS\System32\Drivers\d347prt.sys File exists
|||||| "DAEMON Tools Virtual Bus Driver" (dtsoftbus01) "DT Soft Ltd" C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys File exists
"dump_wmimmc" (dump_wmimmc) C:\Games\gunz\GameGuard\dump_wmimmc.sys File not found
|||||| "FsUsbExDisk" (FsUsbExDisk) C:\WINDOWS\system32\FsUsbExDisk.SYS File found, but it contains no detailed information
|||||| "giveio" (giveio) C:\WINDOWS\System32\giveio.sys File found, but it contains no detailed information
|||||| "Hamachi Network Interface" (hamachi) "LogMeIn, Inc." C:\WINDOWS\System32\DRIVERS\hamachi.sys File exists
"i2omgmt" (i2omgmt) C:\WINDOWS\system32\drivers\i2omgmt.sys File not found
"lbrtfdc" (lbrtfdc) C:\WINDOWS\system32\drivers\lbrtfdc.sys File not found
|||||| "lirsgt" (lirsgt) C:\WINDOWS\System32\DRIVERS\lirsgt.sys File found, but it contains no detailed information
|||||| "MS1000" (MS1000) C:\WINDOWS\System32\DRIVERS\MS1000.sys File found, but it contains no detailed information
|||||| "NPPTNT2" (NPPTNT2) "INCA Internet Co., Ltd." C:\WINDOWS\system32\npptNT2.sys File exists
"PCIDump" (PCIDump) C:\WINDOWS\system32\drivers\PCIDump.sys File not found
"PDCOMP" (PDCOMP) C:\WINDOWS\system32\drivers\PDCOMP.sys File not found
"PDFRAME" (PDFRAME) C:\WINDOWS\system32\drivers\PDFRAME.sys File not found
"PDRELI" (PDRELI) C:\WINDOWS\system32\drivers\PDRELI.sys File not found
"PDRFRAME" (PDRFRAME) C:\WINDOWS\system32\drivers\PDRFRAME.sys File not found
|||||| "PxHelp20" (PxHelp20) "Sonic Solutions" C:\WINDOWS\System32\Drivers\PxHelp20.sys File exists
|||||| "speedfan" (speedfan) "Windows (R) 2000 DDK provider" C:\WINDOWS\System32\speedfan.sys File exists
|||||| "ssmdrv" (ssmdrv) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\ssmdrv.sys File exists
|||||| "StarForce Protection Environment Driver (version 1.x)" (sfdrv01) "Protection Technology" C:\WINDOWS\System32\drivers\sfdrv01.sys File exists
|||||| "StarForce Protection Environment Driver (version 1.x.a)" (sfdrv01a) "Protection Technology (StarForce)" C:\WINDOWS\System32\drivers\sfdrv01a.sys File exists
|||||| "StarForce Protection Helper Driver (version 2.x)" (sfhlp02) "Protection Technology (StarForce)" C:\WINDOWS\System32\drivers\sfhlp02.sys File exists
|||||| "StarForce Protection VFS Driver (version 2.x)" (sfvfs02) "Protection Technology" C:\WINDOWS\System32\drivers\sfvfs02.sys File exists
|||||| "SVKP" (SVKP) "AntiCracking" C:\WINDOWS\System32\SVKP.sys File exists
|||||| "TOSHIBA Bluetooth HID port driver" (toshidpt) "TOSHIBA Corporation." C:\WINDOWS\System32\drivers\Toshidpt.sys File exists
"WDICA" (WDICA) C:\WINDOWS\system32\drivers\WDICA.sys File not found
Explorer
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
|||||| {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" "Microsoft Corporation" c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install File exists
HKLM\Software\Classes\Folder\shellex\ColumnHandlers
|||||| {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" "Adobe Systems, Inc." C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll File exists
HKLM\Software\Classes\Protocols\Filter
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" deskpan.dll File not found
|||||| {1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
|||||| {1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" File not found | COM-object registry key not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" File not found | COM-object registry key not found
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" File not found | COM-object registry key not found
|||||| {78237F62-8EC8-438C-83B0-1DECB4303076} "My Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {B0FAF2DA-13EA-41CA-A62F-850DC01D1C01} "My Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
|||||| {3B153CB3-A551-4fe6-A68B-F5C96650FF39} "Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {A02DEEEB-DD87-4a4f-8F2E-B633A59BA18A} "Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\shlext.dll File exists
|||||| {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" "Microsoft Corporation" c:\WINDOWS\system32\dfshim.dll File exists
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" File not found | COM-object registry key not found
|||||| {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" "Microsoft Corporation" c:\WINDOWS\system32\dfshim.dll File exists
|||||| {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" C:\Programme\WinRAR\rarext.dll File exists
Internet Explorer
HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars
{32683183-48a0-441b-a342-7c2a440a9478} "{32683183-48a0-441b-a342-7c2a440a9478}" File not found | COM-object registry key not found
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
ITBar7Height "ITBar7Height" File not found | COM-object registry key not found
"ITBar7Layout" File not found | COM-object registry key not found
"ITBarLayout" File not found | COM-object registry key not found
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units
|||| {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||| {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||| {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||||| {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object"
hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab "Adobe Systems, Inc." C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx File exists
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
|||||| {53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" "Safer Networking Limited" C:\PROGRA~1\SPYBOT~1\SDHelper.dll File exists
|||| "ICQ7.2" "ICQ, LLC." C:\Programme\ICQ7.2\ICQ.exe File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
|||||| {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" "Adobe Systems Incorporated" C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll File exists
|||| {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\jp2ssv.dll File exists
|||| {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" "Sun Microsystems, Inc." C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File exists
|||||| {53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" "Safer Networking Limited" C:\PROGRA~1\SPYBOT~1\SDHelper.dll File exists
Logon
%AllUsersProfile%\Startmenü\Programme\Autostart
|||||| "desktop.ini" C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini File exists
|| "Printkey2000.lnk" "Fred's Software" C:\Programme\PrintKey2000\Printkey2000.exe Shortcut exists | File exists
%UserProfile%\Startmenü\Programme\Autostart
|||||| "desktop.ini" C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Autostart\desktop.ini File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
|||| "Adobe Reader Speed Launcher" "Adobe Systems Incorporated" "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" File exists
|||||| "avgnt" "Avira GmbH" "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min File exists
Print Monitors
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
|||||| "Canon BJ Language Monitor PIXMA iP1500" "CANON INC." C:\WINDOWS\system32\CNMLM5y.DLL File exists
Services
HKLM\SYSTEM\CurrentControlSet\Services
|||||| ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe File exists
"Anwendungsverwaltung" (AppMgmt) C:\WINDOWS\System32\appmgmts.dll File not found
|||||| "ASP.NET-Zustandsdienst" (aspnet_state) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe File exists
|||||| "Avira AntiVir Guard" (AntiVirService) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\avguard.exe File exists
|||||| "Avira AntiVir Planer" (AntiVirSchedulerService) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\sched.exe File exists
|| "ICQ Service" (ICQ Service) C:\Programme\ICQ6Toolbar\ICQ Service.exe File exists
|||| "InstallDriver Table Manager" (IDriverT) "Macrovision Corporation" C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe File exists
|||||| "Java Quick Starter" (JavaQuickStarterService) "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\jqs.exe File exists
"nProtect GameGuard Service" (npggsvc) "INCA Internet Co., Ltd." C:\WINDOWS\system32\GameMon.des File exists
|||||| "Private Folder Service" (prfldsvc) C:\Programme\Microsoft Private Folder 1.0\PrfldSvc.exe File found, but it contains no detailed information
|||||| "Windows CardSpace" (idsvc) "Microsoft Corporation" c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe File exists
|||||| "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) "Microsoft Corporation" c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe File exists
Winlogon
HKCU\Control Panel\IOProcs
"MVB" mvfs32.dll File not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" appmgmts.dll File not found

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

war mir grad nich sicher ob ich nochmal neu gestartet hab deshalb nochmal das log

Report of OSAM: Autorun Manager v5.0.11926.0
Online Solutions. Complex Protection for Information Systems
Saved at 18:36:53 on 07.04.2011
OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.16

Scanner Settings
Rootkits detection (hidden registry)
Rootkits detection (hidden files)
Retrieve files information
Check Microsoft signatures

Filters
Trusted entries
Empty entries
Hidden registry entries (rootkit activity)
Exclusively opened files
Not found files
Files without detailed information
Existing files
Non-startable services
Non-startable drivers
Active entries
Disabled entries

Risk Name Publisher Full Path Status
Control Panel Objects
%SystemRoot%\system32
|||||| "bdeadmin.cpl" C:\WINDOWS\system32\bdeadmin.cpl File exists
|||||| "BrnStiCp.cpl" "Brother Industries,Ltd." C:\WINDOWS\system32\BrnStiCp.cpl File exists
|||||| "DivXControlPanelApplet.cpl" "DivX, Inc." C:\WINDOWS\system32\DivXControlPanelApplet.cpl File exists
|||||| "infocardcpl.cpl" "Microsoft Corporation" C:\WINDOWS\system32\infocardcpl.cpl File exists
|||||| "javacpl.cpl" "Sun Microsystems, Inc." C:\WINDOWS\system32\javacpl.cpl File exists
|||||| "nvcpl.cpl" "NVIDIA Corporation" C:\WINDOWS\system32\nvcpl.cpl File exists
|||||| "nvtuicpl.cpl" "NVIDIA Corporation" C:\WINDOWS\system32\nvtuicpl.cpl File exists
|||||| "PhysX.cpl" C:\WINDOWS\system32\PhysX.cpl File exists
"SERVICE.CPL" "Davilex Software bv" C:\WINDOWS\system32\SERVICE.CPL File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls
|||||| "Avira AntiVir Personal" "Avira GmbH" C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl File exists
|||||| "Avira AntiVir Personal - Free Antivirus " "Avira GmbH" C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl File exists
Drivers
HKLM\SYSTEM\CurrentControlSet\Services
|||||| "atksgt" (atksgt) C:\WINDOWS\System32\DRIVERS\atksgt.sys File found, but it contains no detailed information
|||||| "avgio" (avgio) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\avgio.sys File exists
|||||| "avgntflt" (avgntflt) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\avgntflt.sys File exists
|||||| "avipbb" (avipbb) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\avipbb.sys File exists
|||||| "Bluetooth Audio Device (WDM) from TOSHIBA" (TosRfSnd) "TOSHIBA Corporation" C:\WINDOWS\System32\drivers\TosRfSnd.sys File exists
|||||| "Bluetooth Personal Area Network from TOSHIBA" (tosrfnds) "TOSHIBA Corporation." C:\WINDOWS\System32\DRIVERS\tosrfnds.sys File exists
|||||| "Bluetooth Port Driver from Toshiba" (tosporte) "TOSHIBA Corporation" C:\WINDOWS\System32\DRIVERS\tosporte.sys File exists
|||||| "Bluetooth RFBNEP from TOSHIBA" (Tosrfbnp) "TOSHIBA Corporation" C:\WINDOWS\System32\Drivers\tosrfbnp.sys File exists
|||||| "Bluetooth RFBUS from TOSHIBA" (Tosrfbd) "TOSHIBA CORPORATION" C:\WINDOWS\System32\Drivers\tosrfbd.sys File exists
|||||| "Bluetooth RFCOMM from TOSHIBA" (Tosrfcom) "TOSHIBA Corporation" C:\WINDOWS\System32\Drivers\tosrfcom.sys File exists
|||||| "Bluetooth RFHID from TOSHIBA" (Tosrfhid) "TOSHIBA Corporation." C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys File exists
|||||| "Bluetooth USB Controller" (Tosrfusb) "TOSHIBA CORPORATION" C:\WINDOWS\System32\Drivers\tosrfusb.sys File exists
|||||| "Brother USB Still Image driver" (BrScnUsb) "Brother Industries Ltd." C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys File exists
"catchme" (catchme) C:\DOKUME~1\Ich\LOKALE~1\Temp\catchme.sys File not found
|||||| "Cdr4_xp" (Cdr4_xp) "Sonic Solutions" C:\WINDOWS\system32\drivers\Cdr4_xp.sys File exists
|||||| "Cdralw2k" (Cdralw2k) "Sonic Solutions" C:\WINDOWS\system32\drivers\Cdralw2k.sys File exists
"Changer" (Changer) C:\WINDOWS\system32\drivers\Changer.sys File not found
|||||| "d347bus" (d347bus) " " C:\WINDOWS\System32\DRIVERS\d347bus.sys File exists
|||||| "d347prt" (d347prt) " " C:\WINDOWS\System32\Drivers\d347prt.sys File exists
|||||| "DAEMON Tools Virtual Bus Driver" (dtsoftbus01) "DT Soft Ltd" C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys File exists
"dump_wmimmc" (dump_wmimmc) C:\Games\gunz\GameGuard\dump_wmimmc.sys File not found
|||||| "FsUsbExDisk" (FsUsbExDisk) C:\WINDOWS\system32\FsUsbExDisk.SYS File found, but it contains no detailed information
|||||| "giveio" (giveio) C:\WINDOWS\System32\giveio.sys File found, but it contains no detailed information
|||||| "Hamachi Network Interface" (hamachi) "LogMeIn, Inc." C:\WINDOWS\System32\DRIVERS\hamachi.sys File exists
"i2omgmt" (i2omgmt) C:\WINDOWS\system32\drivers\i2omgmt.sys File not found
"lbrtfdc" (lbrtfdc) C:\WINDOWS\system32\drivers\lbrtfdc.sys File not found
|||||| "lirsgt" (lirsgt) C:\WINDOWS\System32\DRIVERS\lirsgt.sys File found, but it contains no detailed information
|||||| "MS1000" (MS1000) C:\WINDOWS\System32\DRIVERS\MS1000.sys File found, but it contains no detailed information
|||||| "NPPTNT2" (NPPTNT2) "INCA Internet Co., Ltd." C:\WINDOWS\system32\npptNT2.sys File exists
"PCIDump" (PCIDump) C:\WINDOWS\system32\drivers\PCIDump.sys File not found
"PDCOMP" (PDCOMP) C:\WINDOWS\system32\drivers\PDCOMP.sys File not found
"PDFRAME" (PDFRAME) C:\WINDOWS\system32\drivers\PDFRAME.sys File not found
"PDRELI" (PDRELI) C:\WINDOWS\system32\drivers\PDRELI.sys File not found
"PDRFRAME" (PDRFRAME) C:\WINDOWS\system32\drivers\PDRFRAME.sys File not found
|||||| "PxHelp20" (PxHelp20) "Sonic Solutions" C:\WINDOWS\System32\Drivers\PxHelp20.sys File exists
|||||| "speedfan" (speedfan) "Windows (R) 2000 DDK provider" C:\WINDOWS\System32\speedfan.sys File exists
|||||| "ssmdrv" (ssmdrv) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\ssmdrv.sys File exists
|||||| "StarForce Protection Environment Driver (version 1.x)" (sfdrv01) "Protection Technology" C:\WINDOWS\System32\drivers\sfdrv01.sys File exists
|||||| "StarForce Protection Environment Driver (version 1.x.a)" (sfdrv01a) "Protection Technology (StarForce)" C:\WINDOWS\System32\drivers\sfdrv01a.sys File exists
|||||| "StarForce Protection Helper Driver (version 2.x)" (sfhlp02) "Protection Technology (StarForce)" C:\WINDOWS\System32\drivers\sfhlp02.sys File exists
|||||| "StarForce Protection VFS Driver (version 2.x)" (sfvfs02) "Protection Technology" C:\WINDOWS\System32\drivers\sfvfs02.sys File exists
|||||| "SVKP" (SVKP) "AntiCracking" C:\WINDOWS\System32\SVKP.sys File exists
|||||| "TOSHIBA Bluetooth HID port driver" (toshidpt) "TOSHIBA Corporation." C:\WINDOWS\System32\drivers\Toshidpt.sys File exists
"WDICA" (WDICA) C:\WINDOWS\system32\drivers\WDICA.sys File not found
Explorer
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
|||||| {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" "Microsoft Corporation" c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install File exists
HKLM\Software\Classes\Folder\shellex\ColumnHandlers
|||||| {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" "Adobe Systems, Inc." C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll File exists
HKLM\Software\Classes\Protocols\Filter
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" deskpan.dll File not found
|||||| {1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
|||||| {1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" File not found | COM-object registry key not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" File not found | COM-object registry key not found
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" File not found | COM-object registry key not found
|||||| {78237F62-8EC8-438C-83B0-1DECB4303076} "My Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {B0FAF2DA-13EA-41CA-A62F-850DC01D1C01} "My Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
|||||| {3B153CB3-A551-4fe6-A68B-F5C96650FF39} "Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {A02DEEEB-DD87-4a4f-8F2E-B633A59BA18A} "Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\shlext.dll File exists
|||||| {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" "Microsoft Corporation" c:\WINDOWS\system32\dfshim.dll File exists
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" File not found | COM-object registry key not found
|||||| {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" "Microsoft Corporation" c:\WINDOWS\system32\dfshim.dll File exists
|||||| {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" C:\Programme\WinRAR\rarext.dll File exists
Internet Explorer
HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars
{32683183-48a0-441b-a342-7c2a440a9478} "{32683183-48a0-441b-a342-7c2a440a9478}" File not found | COM-object registry key not found
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
ITBar7Height "ITBar7Height" File not found | COM-object registry key not found
"ITBar7Layout" File not found | COM-object registry key not found
"ITBarLayout" File not found | COM-object registry key not found
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units
|||| {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||| {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||| {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||||| {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object"
hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab "Adobe Systems, Inc." C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx File exists
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
|||||| {53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" "Safer Networking Limited" C:\PROGRA~1\SPYBOT~1\SDHelper.dll File exists
|||| "ICQ7.2" "ICQ, LLC." C:\Programme\ICQ7.2\ICQ.exe File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
|||||| {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" "Adobe Systems Incorporated" C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll File exists
|||| {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\jp2ssv.dll File exists
|||| {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" "Sun Microsystems, Inc." C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File exists
|||||| {53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" "Safer Networking Limited" C:\PROGRA~1\SPYBOT~1\SDHelper.dll File exists
Logon
%AllUsersProfile%\Startmenü\Programme\Autostart
|||||| "desktop.ini" C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini File exists
|| "Printkey2000.lnk" "Fred's Software" C:\Programme\PrintKey2000\Printkey2000.exe Shortcut exists | File exists
%UserProfile%\Startmenü\Programme\Autostart
|||||| "desktop.ini" C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Autostart\desktop.ini File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
|||| "Adobe Reader Speed Launcher" "Adobe Systems Incorporated" "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" File exists
|||||| "avgnt" "Avira GmbH" "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min File exists
Print Monitors
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
|||||| "Canon BJ Language Monitor PIXMA iP1500" "CANON INC." C:\WINDOWS\system32\CNMLM5y.DLL File exists
Services
HKLM\SYSTEM\CurrentControlSet\Services
|||||| ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe File exists
"Anwendungsverwaltung" (AppMgmt) C:\WINDOWS\System32\appmgmts.dll File not found
|||||| "ASP.NET-Zustandsdienst" (aspnet_state) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe File exists
|||||| "Avira AntiVir Guard" (AntiVirService) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\avguard.exe File exists
|||||| "Avira AntiVir Planer" (AntiVirSchedulerService) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\sched.exe File exists
|| "ICQ Service" (ICQ Service) C:\Programme\ICQ6Toolbar\ICQ Service.exe File exists
|||| "InstallDriver Table Manager" (IDriverT) "Macrovision Corporation" C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe File exists
|||||| "Java Quick Starter" (JavaQuickStarterService) "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\jqs.exe File exists
"nProtect GameGuard Service" (npggsvc) "INCA Internet Co., Ltd." C:\WINDOWS\system32\GameMon.des File exists
|||||| "Private Folder Service" (prfldsvc) C:\Programme\Microsoft Private Folder 1.0\PrfldSvc.exe File found, but it contains no detailed information
|||||| "Windows CardSpace" (idsvc) "Microsoft Corporation" c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe File exists
|||||| "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) "Microsoft Corporation" c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe File exists
Winlogon
HKCU\Control Panel\IOProcs
"MVB" mvfs32.dll File not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" appmgmts.dll File not found

If You have questions or want to get some help, You can visit Online Solutions :: Index

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

nr.1


SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 04/08/2011 at 00:22 AM

Application Version : 4.50.1002

Core Rules Database Version : 6776
Trace Rules Database Version: 4588

Scan type : Complete Scan
Total Scan Time : 02:34:40

Memory items scanned : 436
Memory threats detected : 0
Registry items scanned : 6439
Registry threats detected : 0
File items scanned : 136013
File threats detected : 3

Adware.Tracking Cookie
C:\Dokumente und Einstellungen\Ich\Cookies\ich@ad2.adfarm1.adition[1].txt
C:\Dokumente und Einstellungen\Ich\Cookies\ich@adfarm1.adition[3].txt

Trojan.Agent/CDesc[Generic]
C:\PROGRAMME\EMULATOREN\PSX\PLUGINS\SPUIORI.DLL



mbam log folgt nach scan

so hier endlich das mbam-log :


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6269

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

08.04.2011 19:22:54
mbam-log-2011-04-08 (19-22-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 234325
Laufzeit: 1 Stunde(n), 3 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Zitat:

Datenbank Version: 6269

Du hast Malwarebytes vorher nicht aktualisiert. Bitte updaten und einen Vollscan machen.

diesmal mit aktualisiertem mbam-log ;


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6314

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

08.04.2011 20:55:34
mbam-log-2011-04-08 (20-55-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 234486
Laufzeit: 57 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Sieht ok aus, da wurden nur Cookies gefunden und ein Fehlalarm war dabei.
Noch Probleme oder weitere Funde in der Zwischenzeit?

also es läuft wieder alles recht fix allerdings friert der rechner trotzdem ab und zu noch ein. vielleicht liegt es ja doch an etwas anderem. ansonsten ist aber alles wieder ok.

danke dafür.

an was könnte das einfrieren noch liegen?

Ich würde erstmal versuchen rauszufinden, ob das nur unter Windows so ist, oder auch mit anderen Betriebssystemen.
Lad dir mal sowas wie Knoppix oder Ubuntu herunter, brenn die iso Datei per Imagebrennfunktion auf eine CD und boote den Rechner davon.
Teste dann mal den Rechner unter Linux und berichte ob das System dort stabil oder instabil ist.

da wäre das problem dass ich zur zeit garkeine funktionierenden CD\DVD - laufwerke hab

mir ist auch aufgefallen dass es umso häufiger passiert desto mehr der rechner zu verarbeiten hat.
-wenn ich nichts mache passiert in der regel auch nichts
-wenn ich mehrere sachen auf habe passiert es ab und zu bis oft
- wenn ich nen spiel spiele passiert es andauernd

Zitat:

da wäre das problem dass ich zur zeit garkeine funktionierenden CD\DVD - laufwerke hab

Dann muss man sich halt eins besorgen.

fehler gefunden , meine grafikkarte macht probleme. werd mir wohl neue besorgen müssen weil die die ich zum testen benutzt hab echt beschissen ist ^^

aber wenigstens ist der rechner jetzt sauber danke nochmal dafür.