Trojaner-Board - Probleme mit Malware/Spyware

Hier jetzt das LOG von OSAM
----OSAM Logfile:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0

Online Solutions. Complex Protection for Information Systems

Saved at 15:45:54 on 23.03.2011
 

OS: Windows XP Professional Service Pack 3 (Build 2600)

Default Browser: Mozilla Corporation Firefox 3.6.15
 

Scanner Settings

[x] Rootkits detection (hidden registry)

[x] Rootkits detection (hidden files)

[x] Retrieve files information

[x] Check Microsoft signatures
 

Filters

[ ] Trusted entries

[ ] Empty entries

[x] Hidden registry entries (rootkit activity)

[x] Exclusively opened files

[x] Not found files

[x] Files without detailed information

[x] Existing files

[ ] Non-startable services

[ ] Non-startable drivers

[x] Active entries

[x] Disabled entries
 
 

[Common]

-----( %SystemRoot%\Tasks )-----

"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
 

[Control Panel Objects]

-----( %SystemRoot%\system32 )-----

"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl

"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl

"nvcpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.cpl

"viahdcpl.cpl" - "VIA Technologies, Inc" - C:\WINDOWS\system32\viahdcpl.cpl

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----

"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl

"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
 

[Drivers]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys

"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys

"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys

"catchme" (catchme) - ? - C:\cofi\catchme.sys  (File not found)

"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)

"cpuz130" (cpuz130) - ? - C:\DOKUME~1\Jobbi\LOKALE~1\Temp\cpuz130\cpuz_x32.sys  (File not found)

"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)

"Lavasoft helper driver" (Lavasoft Kernexplorer) - ? - C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys  (File not found)

"Lbd" (Lbd) - "Lavasoft AB" - C:\WINDOWS\System32\DRIVERS\Lbd.sys

"LBeepKE" (LBeepKE) - "Logitech, Inc." - C:\WINDOWS\System32\Drivers\LBeepKE.sys

"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)

"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)

"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)

"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)

"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)

"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)

"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys

"RRNetCap Service" (RRNetCap) - "RapidSolution Software AG" - C:\WINDOWS\System32\DRIVERS\rrnetcap.sys

"RRNetCapMP" (RRNetCapMP) - "RapidSolution Software AG" - C:\WINDOWS\System32\DRIVERS\rrnetcap.sys

"SANDRA" (SANDRA) - "SiSoftware" - H:\Programme\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x86\Sandra.sys

"SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS

"SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS

"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys

"StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys  (File not found)

"Tunebite High-Speed Dubbing" (tbhsd) - "RapidSolution Software AG" - C:\WINDOWS\System32\drivers\tbhsd.sys

"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
 

[Explorer]

-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----

{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} "PixiePack Codec Pack 1.1.1200.0" - ? - C:\Programme\PixiePack Codec Pack\InstallerHelper.exe

{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----

{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroDigitalExt.dll

{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll

-----( HKLM\Software\Classes\Protocols\Filter )-----

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

-----( HKLM\Software\Classes\Protocols\Handler )-----

{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL

{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll

{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----

{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "SABShellExecuteHook Class" - "SuperAdBlocker.com" - C:\Programme\SUPERAntiSpyware\SASSEH.DLL

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----

{79BC0345-1015-11D2-A299-006008312725} "///FAST project settings" - ? - H:\Programme\Pinnacle\VideoSpin\Programs\BlueShellExt.dll  (File found, but it contains no detailed information)

{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - H:\Programme\7-Zip\7-zip.dll

{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)

{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll

{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll

{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll

{872A9397-E0D6-4e28-B64D-52B8D0A7EA35} "DisplayCplExt Class" - "Advanced Micro Devices, Inc." - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll

{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)

{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - H:\Programme\iTunes\iTunesMiniPlayer.dll

{DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} "KbLogiExt Class" - "Logitech, Inc." - H:\Programme\Logitech\SetPoint\kbcplext.dll

{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)

{B9B9F083-2B04-452A-8691-83694AC1037B} "LogiExt Class" - "Logitech, Inc." - H:\Programme\Logitech\SetPoint\mcplext.dll

{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\OFFICE11\msohev.dll

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll

{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroDigitalExt.dll

{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroDigitalExt.dll

{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll

{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll

{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll

{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll

{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)

{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll

{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll

{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL

{AB4F43CA-ADCD-4384-B9AF-3CECEA7D6544} "Websites" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\12\BIN\FPNSE.DLL

{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - H:\Programme\WinRAR\rarext.dll
 

[Internet Explorer]

-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----

ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)

<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)

<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)

<binary data> "{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----

{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----

{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----

{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 

[Logon]

-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----

"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini

-----( %UserProfile%\Startmenü\Programme\Autostart )-----

"desktop.ini" - ? - C:\Dokumente und Einstellungen\Jobbi\Startmenü\Programme\Autostart\desktop.ini

-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----

"PanelApp" - ? - C:\Dokumente und Einstellungen\Jobbi\Lokale Einstellungen\Anwendungsdaten\Meinungsstudie\PanelApp\PanelApp.exe  (File found, but it contains no detailed information)

"Sony Ericsson PC Companion" - "Sony Ericsson" - "C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background

"SUPERAntiSpyware" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----

"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"

"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe"

"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min

"CherryKeyMan" - "ZF Electronics GmbH" - "C:\Programme\Cherry\KeyMan\KeyMan.exe"

"HDAudDeck" - ? - C:\Programme\VIA\VIAudioi\HDADeck\HDeck.exe 1  (File found, but it contains no detailed information)

"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime

"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

"Ulead AutoDetector v2" - "Ulead Systems, Inc." - C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\monitor.exe
 

[Print Monitors]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----

"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll

"PDFCreator" - ? - C:\WINDOWS\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)
 

[Services]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe

"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe

"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe

"Cherry Device Interface" (Cherry Device Interface) - "ZF Electronics GmbH" - C:\Programme\Cherry\CDI\cdi.exe

"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe

"getPlus(R) Helper" (getPlusHelper) - "NOS Microsystems Ltd." - C:\Programme\NOS\bin\getPlus_Helper.dll

"getPlus(R) Helper 3004" (nosGetPlusHelper) - "NOS Microsystems Ltd." - C:\Programme\NOS\bin\getPlus_Helper_3004.dll

"Google Updater Service" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe

"Internet Pass-Through Service" (PassThru Service) - ? - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe

"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe

"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe

"Logitech Bluetooth Service" (LBTServ) - "Logitech, Inc." - C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe

"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE

"NVIDIA Display Driver Service" (NVSvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe

"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE

"PanelSvc" (PanelSvc) - ? - C:\Programme\Meinungsstudie\PanelApp\PanelSvc.exe  (File found, but it contains no detailed information)

"SiSoftware Deployment Agent Service" (SandraAgentSrv) - "SiSoftware" - H:\Programme\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe

"Sony Ericsson PCCompanion" (Sony Ericsson PCCompanion) - "Avanquest Software" - C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe

"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
 

[Winlogon]

-----( HKCU\Control Panel\IOProcs )-----

"MVB" - ? - mvfs32.dll  (File not found)

-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----

"!SASWinLogon" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL

"LBTWlgn" - "Logitech, Inc." - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll

"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll
 

[Winsock Providers]

-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----

"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll
 

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---
If You have questions or want to get some help, You can visit Online Solutions :: Index

Gruß
Holger

Hallo Arne,
hier gleich hinterher der MBR-Check
---
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x00000ff4

Kernel Drivers (total 138):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E6000 \WINDOWS\system32\hal.dll
0xB85A8000 \WINDOWS\system32\KDCOM.DLL
0xB84B8000 \WINDOWS\system32\BOOTVID.dll
0xB7F78000 ACPI.sys
0xB85AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB7F67000 pci.sys
0xB80A8000 isapnp.sys
0xB8670000 pciide.sys
0xB8328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xB80B8000 MountMgr.sys
0xB7F48000 ftdisk.sys
0xB85AC000 dmload.sys
0xB7F22000 dmio.sys
0xB8330000 PartMgr.sys
0xB80C8000 VolSnap.sys
0xB7F0A000 atapi.sys
0xB80D8000 disk.sys
0xB80E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB7EEA000 fltMgr.sys
0xB7ED8000 sr.sys
0xB80F8000 Lbd.sys
0xB8108000 PxHelp20.sys
0xB7EC1000 KSecDD.sys
0xB7E34000 Ntfs.sys
0xB7E07000 NDIS.sys
0xB7DED000 Mup.sys
0xB82C8000 \SystemRoot\system32\DRIVERS\AmdPPM.sys
0xB82D8000 \SystemRoot\system32\DRIVERS\serial.sys
0xB8588000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB774E000 \SystemRoot\system32\DRIVERS\parport.sys
0xB83F8000 \SystemRoot\system32\DRIVERS\nvsmu.sys
0xB8400000 \SystemRoot\system32\DRIVERS\usbohci.sys
0xB772A000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xB8408000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB82E8000 \SystemRoot\system32\DRIVERS\imapi.sys
0xB82F8000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xB8308000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB7707000 \SystemRoot\system32\DRIVERS\ks.sys
0xB8410000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xB76DF000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB8318000 \SystemRoot\system32\DRIVERS\nvnetbus.sys
0xB75F7000 \SystemRoot\system32\DRIVERS\NVNRM.SYS
0xB713C000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xB7128000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB8594000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0xB8745000 \SystemRoot\system32\DRIVERS\audstub.sys
0xB8148000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB8598000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB7111000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB8158000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB8168000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB8418000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB7100000 \SystemRoot\system32\DRIVERS\psched.sys
0xB8178000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xB8420000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xB8428000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB70D0000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB8188000 \SystemRoot\system32\DRIVERS\termdd.sys
0xB8430000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xB8438000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xB8198000 \SystemRoot\system32\DRIVERS\rrnetcap.sys
0xB85C8000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB6FD2000 \SystemRoot\system32\DRIVERS\update.sys
0xB7DB9000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB6F7C000 \SystemRoot\system32\drivers\AtiHdmi.sys
0xB6F58000 \SystemRoot\system32\drivers\portcls.sys
0xB81A8000 \SystemRoot\system32\drivers\drmk.sys
0xB81B8000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB81C8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xB85CC000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB81F8000 \SystemRoot\system32\DRIVERS\NVENETFD.sys
0xAA0C3000 \SystemRoot\system32\drivers\viahduaa.sys
0xA9F6F000 \SystemRoot\system32\drivers\monfilt.sys
0xB8440000 \SystemRoot\system32\drivers\nvhda32.sys
0xB85D0000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xB87E3000 \SystemRoot\System32\Drivers\Null.SYS
0xB85D2000 \SystemRoot\System32\Drivers\Beep.SYS
0xB8458000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xB8460000 \SystemRoot\System32\drivers\vga.sys
0xB85D4000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xB85D6000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xB8468000 \SystemRoot\System32\Drivers\Msfs.SYS
0xB8470000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB8558000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xA9EF7000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA9E9E000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA9E4E000 \SystemRoot\system32\DRIVERS\netbt.sys
0xA9E28000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xA9E06000 \SystemRoot\System32\drivers\afd.sys
0xB8228000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB8238000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB8478000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xA9D44000 \??\C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
0xB8480000 \??\C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
0xA9D19000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA9CA9000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB8258000 \SystemRoot\System32\Drivers\Fips.SYS
0xB8488000 \SystemRoot\System32\Drivers\LUsbFilt.Sys
0xB8268000 \SystemRoot\System32\Drivers\WDFLDR.SYS
0xA9C83000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xA9C07000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
0xB7776000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB8288000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xB8490000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xB85DA000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
0xB84A0000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0xB8568000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB84A8000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0xB70B0000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB856C000 \SystemRoot\system32\DRIVERS\usbscan.sys
0xB84B0000 \SystemRoot\system32\DRIVERS\usbprint.sys
0xB8340000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xB8574000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xA9B27000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xB85F4000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB6F4C000 \SystemRoot\System32\drivers\Dxapi.sys
0xB8370000 \SystemRoot\System32\watchdog.sys
0xBD000000 \SystemRoot\System32\drivers\dxg.sys
0xB869D000 \SystemRoot\System32\drivers\dxgthk.sys
0xBD012000 \SystemRoot\System32\ati2dvag.dll
0xBD060000 \SystemRoot\System32\ati2cqag.dll
0xBD0FC000 \SystemRoot\System32\atikvmag.dll
0xBD196000 \SystemRoot\System32\atiok3x2.dll
0xBD1FB000 \SystemRoot\System32\ati3duag.dll
0xBD56E000 \SystemRoot\System32\ativvaxx.dll
0xBD78F000 \SystemRoot\System32\ATMFD.DLL
0xA6F71000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xA6F96000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA6C24000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA6C0F000 \SystemRoot\system32\drivers\wdmaud.sys
0xA6D81000 \SystemRoot\system32\drivers\sysaudio.sys
0xB85AE000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB877F000 \SystemRoot\System32\Drivers\LBeepKE.sys
0xA6829000 \SystemRoot\system32\DRIVERS\srv.sys
0xA61F8000 \SystemRoot\System32\Drivers\HTTP.sys
0x7C910000 \WINDOWS\system32\ntdll.dll

Processes (total 42):
0 System Idle Process
4 System
876 C:\WINDOWS\system32\smss.exe
924 csrss.exe
956 C:\WINDOWS\system32\winlogon.exe
1000 C:\WINDOWS\system32\services.exe
1012 C:\WINDOWS\system32\lsass.exe
1240 C:\WINDOWS\system32\ati2evxx.exe
1260 C:\WINDOWS\system32\svchost.exe
1308 svchost.exe
1440 C:\WINDOWS\system32\svchost.exe
1592 svchost.exe
1640 svchost.exe
1800 C:\WINDOWS\system32\spoolsv.exe
1828 C:\WINDOWS\system32\ati2evxx.exe
1948 C:\Programme\Avira\AntiVir Desktop\sched.exe
1996 svchost.exe
320 C:\Programme\Avira\AntiVir Desktop\avguard.exe
412 C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
468 C:\Programme\Bonjour\mDNSResponder.exe
584 C:\Programme\Java\jre6\bin\jqs.exe
592 C:\WINDOWS\explorer.exe
792 C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
1944 C:\WINDOWS\system32\svchost.exe
220 C:\Programme\Avira\AntiVir Desktop\avshadow.exe
812 wmiprvse.exe
2096 C:\Programme\VIA\VIAudioi\HDADeck\HDeck.exe
2104 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
2140 C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\Monitor.exe
2156 C:\Programme\Cherry\KeyMan\KeyMan.exe
2200 C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
2208 C:\Dokumente und Einstellungen\Jobbi\Lokale Einstellungen\Anwendungsdaten\Meinungsstudie\PanelApp\PanelApp.exe
2224 C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
2240 C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2264 C:\WINDOWS\system32\ctfmon.exe
2288 C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATICDE.EXE
2540 C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
2796 C:\Programme\Cherry\CDI\cdi.exe
3040 alg.exe
160 C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2336 C:\Programme\Mozilla Firefox\firefox.exe
3088 C:\Dokumente und Einstellungen\Jobbi\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`007e0000 (NTFS)
\\.\H: --> \\.\PhysicalDrive0 at offset 0x00000013`88362e00 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGSP2504C, Rev: VT100-52

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11

Done!