
Pests of all kinds and how to combat them: first logfile because of PC problem

09.12.2010, 21:22   #16
r.h
 



I got OSAM running after all:

Log:
OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
http://***.online-solutions.ru/en/
Saved at 21:21:12 on 09.12.2010

OS: Windows XP Home Edition Service Pack 2 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 6.00.2900.2180

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-1645522239-484061587-839522115-1004Core1cb6f0a4da624e2.job" - "Google Inc." - C:\Dokumente und Einstellungen\Sandro\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"JAVACPL.CPL" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\JAVACPL.CPL
"NVCPL.CPL" - "NVIDIA Corporation" - C:\WINDOWS\system32\NVCPL.CPL
"RTSndMgr.cpl" - "Realtek Semiconductor Corp." - C:\WINDOWS\system32\RTSndMgr.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Add Performance Filter Driver" (sisperf) - "Silicon Integrated Systems Corp." - C:\WINDOWS\System32\drivers\sisperf.sys
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\DOKUME~1\Sandro\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"pxtdypog" (pxtdypog) - ? - C:\DOKUME~1\Sandro\LOKALE~1\Temp\pxtdypog.sys  (Hidden registry entry, rootkit activity | File not found)
"sisidex" (sisidex) - "Windows (R) 2000 DDK provider" - C:\WINDOWS\System32\drivers\sisidex.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"SVKP" (SVKP) - "AntiCracking" - C:\WINDOWS\system32\SVKP.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 2.3\program\shlxthdl.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Programme\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Programme\Windows Live\Toolbar\wltcore.dll
<binary data> "EPSON Web-To-Page" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{0CCA191D-13A6-4E29-B746-314DEE697D83} "Facebook Photo Uploader 5" - "Facebook, Inc." - C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx / http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Adobe\Director\SwDir.dll / http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Programme\Windows Live\Toolbar\wltcore.dll
<binary data> "EPSON Web-To-Page" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} "EpsonToolBandKicker Class" - "SEIKO EPSON CORPORATION" - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Programme\Windows Live\Toolbar\wltcore.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -   (File not found | COM-object registry key not found)

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"DESKTOP.INI" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\DESKTOP.INI
"McAfee Security Scan.lnk" - "McAfee, Inc." - C:\Programme\McAfee Security Scan\1.0.150\SSScheduler.exe  (Shortcut exists | File exists)
"Utility Tray.lnk" - "Silicon Integrated Systems Corporation" - C:\WINDOWS\system32\sistray.exe  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"DESKTOP.INI" - ? - C:\Dokumente und Einstellungen\Sandro\Startmenü\Programme\Autostart\DESKTOP.INI
"OpenOffice.org 2.3.lnk" - ? - C:\Programme\OpenOffice.org 2.3\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Google Update" - "Google Inc." - "C:\Dokumente und Einstellungen\Sandro\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c
"MsnMsgr" - "Microsoft Corporation" - "C:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background
"swg" - "Google Inc." - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"nwiz" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\QTTask.exe" -atboottime
"SiSPower" - "Silicon Integrated Systems Corporation" - Rundll32.exe SiSPower.dll,ModeAgent
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll  (File not found)
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Google Software Updater" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"NVIDIA Display Driver Service" (NVSvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Programme\Windows Live\Family Safety\fsssvc.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll  (File not found)

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---

If You have questions or want to get some help, You can visit http://forum.online-solutions.ru

Now downloading the third program as well =)

09.12.2010, 21:28   #17
r.h
 



MBR Check:

Quote:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 2 (build 2600)
Logical Drives Mask: 0x000002f4

Kernel Drivers (total 119):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E3000 \WINDOWS\system32\hal.dll
0xB85A8000 \WINDOWS\system32\KDCOM.DLL
0xB84B8000 \WINDOWS\system32\BOOTVID.dll
0xB7F78000 ACPI.sys
0xB85AA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xB7F67000 pci.sys
0xB80A8000 isapnp.sys
0xB8670000 pciide.sys
0xB8328000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xB80B8000 MountMgr.sys
0xB7F48000 ftdisk.sys
0xB8330000 PartMgr.sys
0xB8671000 siside.sys
0xB80C8000 VolSnap.sys
0xB7F30000 atapi.sys
0xB80D8000 disk.sys
0xB80E8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xB7F10000 fltMgr.sys
0xB7EFE000 sr.sys
0xB7EDB000 Fastfat.sys
0xB7EC4000 KSecDD.sys
0xB7E97000 NDIS.sys
0xB80F8000 uagp35.sys
0xB84BC000 sisperf.sys
0xB8108000 sisidex.sys
0xB7E7C000 Mup.sys
0xB8138000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB740C000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB8148000 \SystemRoot\system32\DRIVERS\imapi.sys
0xB8158000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xB8168000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB73E9000 \SystemRoot\system32\DRIVERS\ks.sys
0xB8370000 \SystemRoot\System32\Drivers\GEARAspiWDM.sys
0xB8378000 \SystemRoot\system32\DRIVERS\usbohci.sys
0xB73C6000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xB8380000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB8178000 \SystemRoot\system32\DRIVERS\SiSGbeXP.sys
0xB73A1000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB7390000 \SystemRoot\system32\DRIVERS\serial.sys
0xB8540000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB737C000 \SystemRoot\system32\DRIVERS\parport.sys
0xB8188000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xB8388000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xB7DB7000 \SystemRoot\system32\DRIVERS\audstub.sys
0xB85AC000 \SystemRoot\System32\Drivers\RootMdm.sys
0xB8390000 \SystemRoot\System32\Drivers\Modem.SYS
0xB8198000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB8544000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB7365000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB81A8000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB81B8000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB8398000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB7354000 \SystemRoot\system32\DRIVERS\psched.sys
0xB81C8000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xB83A0000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xB83A8000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB81D8000 \SystemRoot\system32\DRIVERS\termdd.sys
0xB83B0000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xB85AE000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB72FB000 \SystemRoot\system32\DRIVERS\update.sys
0xB8550000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB81E8000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB81F8000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xB85B2000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB6DB6000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xB6D94000 \SystemRoot\system32\drivers\portcls.sys
0xB8208000 \SystemRoot\system32\drivers\drmk.sys
0xB85B6000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xB7D80000 \SystemRoot\System32\Drivers\Null.SYS
0xB85B8000 \SystemRoot\System32\Drivers\Beep.SYS
0xB83D0000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xB83D8000 \SystemRoot\System32\drivers\vga.sys
0xB85BA000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xB85BC000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xB83E0000 \SystemRoot\System32\Drivers\Msfs.SYS
0xB83E8000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB7E44000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB6D61000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB6D09000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB6CB9000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB6C98000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB6C76000 \SystemRoot\System32\drivers\afd.sys
0xB8218000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB8228000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB83F0000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xB83F8000 \SystemRoot\system32\DRIVERS\srvkp.sys
0xB6C4B000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB6BDC000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB8238000 \SystemRoot\System32\Drivers\Fips.SYS
0xB6BC0000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xB85C0000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
0xB723B000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB8258000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xB8268000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB8400000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xB7237000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB6B80000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xB85C2000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB7223000 \SystemRoot\System32\drivers\Dxapi.sys
0xB8408000 \SystemRoot\System32\watchdog.sys
0xBD000000 \SystemRoot\System32\drivers\dxg.sys
0xB8742000 \SystemRoot\System32\drivers\dxgthk.sys
0xBFF70000 \SystemRoot\System32\framebuf.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xB6254000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xB6370000 \SystemRoot\system32\DRIVERS\fssfltr_tdi.sys
0xB626C000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB5F30000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xB5EF3000 \SystemRoot\system32\drivers\wdmaud.sys
0xB6094000 \SystemRoot\system32\drivers\sysaudio.sys
0xB865A000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB59C4000 \SystemRoot\system32\DRIVERS\srv.sys
0xB7DB2000 \??\C:\WINDOWS\system32\SVKP.sys
0xB5523000 \SystemRoot\System32\Drivers\HTTP.sys
0xB5260000 \??\C:\DOKUME~1\Sandro\LOKALE~1\Temp\pxtdypog.sys
0xB5235000 \SystemRoot\system32\drivers\kmixer.sys
0x7C910000 \WINDOWS\System32\ntdll.dll

Processes (total 41):
0 System Idle Process
4 System
580 C:\WINDOWS\System32\SMSS.EXE
644 CSRSS.EXE
668 C:\WINDOWS\System32\WINLOGON.EXE
712 C:\WINDOWS\System32\SERVICES.EXE
724 C:\WINDOWS\System32\LSASS.EXE
936 C:\WINDOWS\System32\SVCHOST.EXE
1004 SVCHOST.EXE
1100 C:\WINDOWS\System32\SVCHOST.EXE
1220 SVCHOST.EXE
1296 SVCHOST.EXE
1468 C:\WINDOWS\System32\SPOOLSV.EXE
1536 C:\Programme\Avira\AntiVir Desktop\SCHED.EXE
1616 SVCHOST.EXE
1824 C:\WINDOWS\EXPLORER.EXE
1976 C:\WINDOWS\RTHDCPL.EXE
2016 C:\Programme\Gemeinsame Dateien\Java\Java Update\JUSCHED.EXE
2024 C:\Programme\Avira\AntiVir Desktop\AVGNT.EXE
128 C:\Programme\Windows Live\Messenger\MSNMSGR.EXE
140 C:\Dokumente und Einstellungen\Sandro\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
152 C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
216 C:\WINDOWS\System32\SISTRAY.EXE
304 C:\Programme\McAfee Security Scan\1.0.150\SSScheduler.exe
472 C:\Programme\OpenOffice.org 2.3\PROGRAM\SOFFICE.EXE
476 C:\Programme\OpenOffice.org 2.3\PROGRAM\SOFFICE.BIN
840 C:\Programme\Avira\AntiVir Desktop\AVGUARD.EXE
1076 C:\Programme\Java\JRE6\BIN\JQS.EXE
1180 C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
1624 C:\WINDOWS\System32\SVCHOST.EXE
2856 C:\WINDOWS\System32\WBEM\wmiapsrv.exe
3036 alg.exe
3516 C:\Dokumente und Einstellungen\Sandro\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\CHROME.EXE
3712 C:\Dokumente und Einstellungen\Sandro\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\CHROME.EXE
4020 C:\WINDOWS\System32\WUAUCLT.EXE
3392 C:\Dokumente und Einstellungen\Sandro\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\CHROME.EXE
1848 C:\Dokumente und Einstellungen\Sandro\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\CHROME.EXE
292 C:\Dokumente und Einstellungen\Sandro\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\CHROME.EXE
1344 C:\Dokumente und Einstellungen\Sandro\Desktop\MFtools\osam\osam.exe
3204 C:\WINDOWS\System32\NOTEPAD.EXE
3132 C:\Dokumente und Einstellungen\Sandro\Eigene Dateien\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (FAT32)

PhysicalDrive0 Model Number: SAMSUNGHD250HJ, Rev: FH100-05

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11


Done!


10.12.2010, 10:43   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!