Log analysis and evaluation: Computer is slower than ever and freezes often! (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#15
Computer is slower than ever and freezes often!

ok. here is the new osam log

```
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 16:11:37 on 07.04.2011

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.16

Scanner Settings
Rootkits detection (hidden registry)
Rootkits detection (hidden files)
Retrieve files information
Check Microsoft signatures

Filters
Trusted entries
Empty entries
Hidden registry entries (rootkit activity)
Exclusively opened files
Not found files
Files without detailed information
Existing files
Non-startable services
Non-startable drivers
Active entries
Disabled entries

Risk Name Publisher Full Path Status

Control Panel Objects
%SystemRoot%\system32
|||||| "bdeadmin.cpl" C:\WINDOWS\system32\bdeadmin.cpl File exists
|||||| "BrnStiCp.cpl" "Brother Industries,Ltd." C:\WINDOWS\system32\BrnStiCp.cpl File exists
|||||| "DivXControlPanelApplet.cpl" "DivX, Inc." C:\WINDOWS\system32\DivXControlPanelApplet.cpl File exists
|||||| "infocardcpl.cpl" "Microsoft Corporation" C:\WINDOWS\system32\infocardcpl.cpl File exists
|||||| "javacpl.cpl" "Sun Microsystems, Inc." C:\WINDOWS\system32\javacpl.cpl File exists
|||||| "nvcpl.cpl" "NVIDIA Corporation" C:\WINDOWS\system32\nvcpl.cpl File exists
|||||| "nvtuicpl.cpl" "NVIDIA Corporation" C:\WINDOWS\system32\nvtuicpl.cpl File exists
|||||| "PhysX.cpl" C:\WINDOWS\system32\PhysX.cpl File exists
"SERVICE.CPL" "Davilex Software bv" C:\WINDOWS\system32\SERVICE.CPL File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls
|||||| "Avira AntiVir Personal" "Avira GmbH" C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl File exists
|||||| "Avira AntiVir Personal - Free Antivirus " "Avira GmbH" C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl File exists

Drivers
HKLM\SYSTEM\CurrentControlSet\Services
|||||| "atksgt" (atksgt) C:\WINDOWS\System32\DRIVERS\atksgt.sys File found, but it contains no detailed information
|||||| "avgio" (avgio) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\avgio.sys File exists
|||||| "avgntflt" (avgntflt) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\avgntflt.sys File exists
|||||| "avipbb" (avipbb) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\avipbb.sys File exists
|||||| "Bluetooth Audio Device (WDM) from TOSHIBA" (TosRfSnd) "TOSHIBA Corporation" C:\WINDOWS\System32\drivers\TosRfSnd.sys File exists
|||||| "Bluetooth Personal Area Network from TOSHIBA" (tosrfnds) "TOSHIBA Corporation." C:\WINDOWS\System32\DRIVERS\tosrfnds.sys File exists
|||||| "Bluetooth Port Driver from Toshiba" (tosporte) "TOSHIBA Corporation" C:\WINDOWS\System32\DRIVERS\tosporte.sys File exists
|||||| "Bluetooth RFBNEP from TOSHIBA" (Tosrfbnp) "TOSHIBA Corporation" C:\WINDOWS\System32\Drivers\tosrfbnp.sys File exists
|||||| "Bluetooth RFBUS from TOSHIBA" (Tosrfbd) "TOSHIBA CORPORATION" C:\WINDOWS\System32\Drivers\tosrfbd.sys File exists
|||||| "Bluetooth RFCOMM from TOSHIBA" (Tosrfcom) "TOSHIBA Corporation" C:\WINDOWS\System32\Drivers\tosrfcom.sys File exists
|||||| "Bluetooth RFHID from TOSHIBA" (Tosrfhid) "TOSHIBA Corporation." C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys File exists
|||||| "Bluetooth USB Controller" (Tosrfusb) "TOSHIBA CORPORATION" C:\WINDOWS\System32\Drivers\tosrfusb.sys File exists
|||||| "Brother USB Still Image driver" (BrScnUsb) "Brother Industries Ltd." C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys File exists
"catchme" (catchme) C:\DOKUME~1\Ich\LOKALE~1\Temp\catchme.sys File not found
|||||| "Cdr4_xp" (Cdr4_xp) "Sonic Solutions" C:\WINDOWS\system32\drivers\Cdr4_xp.sys File exists
|||||| "Cdralw2k" (Cdralw2k) "Sonic Solutions" C:\WINDOWS\system32\drivers\Cdralw2k.sys File exists
"Changer" (Changer) C:\WINDOWS\system32\drivers\Changer.sys File not found
|||||| "d347bus" (d347bus) " " C:\WINDOWS\System32\DRIVERS\d347bus.sys File exists
|||||| "d347prt" (d347prt) " " C:\WINDOWS\System32\Drivers\d347prt.sys File exists
|||||| "DAEMON Tools Virtual Bus Driver" (dtsoftbus01) "DT Soft Ltd" C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys File exists
"dump_wmimmc" (dump_wmimmc) C:\Games\gunz\GameGuard\dump_wmimmc.sys File not found
|||||| "FsUsbExDisk" (FsUsbExDisk) C:\WINDOWS\system32\FsUsbExDisk.SYS File found, but it contains no detailed information
|||||| "giveio" (giveio) C:\WINDOWS\System32\giveio.sys File found, but it contains no detailed information
|||||| "Hamachi Network Interface" (hamachi) "LogMeIn, Inc." C:\WINDOWS\System32\DRIVERS\hamachi.sys File exists
"i2omgmt" (i2omgmt) C:\WINDOWS\system32\drivers\i2omgmt.sys File not found
"lbrtfdc" (lbrtfdc) C:\WINDOWS\system32\drivers\lbrtfdc.sys File not found
|||||| "lirsgt" (lirsgt) C:\WINDOWS\System32\DRIVERS\lirsgt.sys File found, but it contains no detailed information
|||||| "MS1000" (MS1000) C:\WINDOWS\System32\DRIVERS\MS1000.sys File found, but it contains no detailed information
|||||| "NPPTNT2" (NPPTNT2) "INCA Internet Co., Ltd." C:\WINDOWS\system32\npptNT2.sys File exists
"PCIDump" (PCIDump) C:\WINDOWS\system32\drivers\PCIDump.sys File not found
"PDCOMP" (PDCOMP) C:\WINDOWS\system32\drivers\PDCOMP.sys File not found
"PDFRAME" (PDFRAME) C:\WINDOWS\system32\drivers\PDFRAME.sys File not found
"PDRELI" (PDRELI) C:\WINDOWS\system32\drivers\PDRELI.sys File not found
"PDRFRAME" (PDRFRAME) C:\WINDOWS\system32\drivers\PDRFRAME.sys File not found
|||||| "PxHelp20" (PxHelp20) "Sonic Solutions" C:\WINDOWS\System32\Drivers\PxHelp20.sys File exists
|||||| "speedfan" (speedfan) "Windows (R) 2000 DDK provider" C:\WINDOWS\System32\speedfan.sys File exists
|||||| "ssmdrv" (ssmdrv) "Avira GmbH" C:\WINDOWS\System32\DRIVERS\ssmdrv.sys File exists
|||||| "StarForce Protection Environment Driver (version 1.x)" (sfdrv01) "Protection Technology" C:\WINDOWS\System32\drivers\sfdrv01.sys File exists
|||||| "StarForce Protection Environment Driver (version 1.x.a)" (sfdrv01a) "Protection Technology (StarForce)" C:\WINDOWS\System32\drivers\sfdrv01a.sys File exists
|||||| "StarForce Protection Helper Driver (version 2.x)" (sfhlp02) "Protection Technology (StarForce)" C:\WINDOWS\System32\drivers\sfhlp02.sys File exists
|||||| "StarForce Protection VFS Driver (version 2.x)" (sfvfs02) "Protection Technology" C:\WINDOWS\System32\drivers\sfvfs02.sys File exists
|||||| "SVKP" (SVKP) "AntiCracking" C:\WINDOWS\System32\SVKP.sys File exists
|||||| "TOSHIBA Bluetooth HID port driver" (toshidpt) "TOSHIBA Corporation." C:\WINDOWS\System32\drivers\Toshidpt.sys File exists
"WDICA" (WDICA) C:\WINDOWS\system32\drivers\WDICA.sys File not found
"EagleXNt" (EagleXNt) C:\WINDOWS\system32\drivers\EagleXNt.sys File not found
"gUSBSTOi" (gUSBSTOi) C:\DOKUME~1\Ich\LOKALE~1\Temp\gUSBSTOi.sys File not found
"XDva384" (XDva384) C:\WINDOWS\system32\XDva384.sys File not found
"XDva385" (XDva385) C:\WINDOWS\system32\XDva385.sys File not found

Explorer
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
|||||| {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" "Microsoft Corporation" c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install File exists
HKLM\Software\Classes\Folder\shellex\ColumnHandlers
|||||| {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" "Adobe Systems, Inc." C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll File exists
HKLM\Software\Classes\Protocols\Filter
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
|||||| {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" "Microsoft Corporation" C:\WINDOWS\system32\mscoree.dll File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" deskpan.dll File not found
|||||| {1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
|||||| {1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" File not found | COM-object registry key not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" File not found | COM-object registry key not found
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" File not found | COM-object registry key not found
|||||| {78237F62-8EC8-438C-83B0-1DECB4303076} "My Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {B0FAF2DA-13EA-41CA-A62F-850DC01D1C01} "My Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" "NVIDIA Corporation" C:\WINDOWS\System32\nvshell.dll File exists
|||||| {3B153CB3-A551-4fe6-A68B-F5C96650FF39} "Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {A02DEEEB-DD87-4a4f-8F2E-B633A59BA18A} "Private Folder" "Microsoft Corporation" C:\Programme\Microsoft Private Folder 1.0\ShellExt.dll File exists
|||||| {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\shlext.dll File exists
|||||| {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" "Microsoft Corporation" c:\WINDOWS\system32\dfshim.dll File exists
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" File not found | COM-object registry key not found
|||||| {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" "Microsoft Corporation" c:\WINDOWS\system32\dfshim.dll File exists
|||||| {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" C:\Programme\WinRAR\rarext.dll File exists

Internet Explorer
HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars
{32683183-48a0-441b-a342-7c2a440a9478} "{32683183-48a0-441b-a342-7c2a440a9478}" File not found | COM-object registry key not found
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
ITBar7Height "ITBar7Height" File not found | COM-object registry key not found
"ITBar7Layout" File not found | COM-object registry key not found
"ITBarLayout" File not found | COM-object registry key not found
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units
|||| {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||| {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||| {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\npjpi160_24.dll File exists
|||||| {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab "Adobe Systems, Inc." C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx File exists
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
|||||| {53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" "Safer Networking Limited" C:\PROGRA~1\SPYBOT~1\SDHelper.dll File exists
|||| "ICQ7.2" "ICQ, LLC." C:\Programme\ICQ7.2\ICQ.exe File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
|||||| {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" "Adobe Systems Incorporated" C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll File exists
|||| {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\jp2ssv.dll File exists
|||| {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" "Sun Microsystems, Inc." C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File exists
|||||| {53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" "Safer Networking Limited" C:\PROGRA~1\SPYBOT~1\SDHelper.dll File exists

Logon
%AllUsersProfile%\Startmenü\Programme\Autostart
|||||| "desktop.ini" C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini File exists
|| "Printkey2000.lnk" "Fred's Software" C:\Programme\PrintKey2000\Printkey2000.exe Shortcut exists | File exists
%UserProfile%\Startmenü\Programme\Autostart
|||||| "desktop.ini" C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Autostart\desktop.ini File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
|||| "Adobe Reader Speed Launcher" "Adobe Systems Incorporated" "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" File exists
|||||| "avgnt" "Avira GmbH" "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min File exists

Print Monitors
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
|||||| "Canon BJ Language Monitor PIXMA iP1500" "CANON INC." C:\WINDOWS\system32\CNMLM5y.DLL File exists

Services
HKLM\SYSTEM\CurrentControlSet\Services
|||||| ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe File exists
"Anwendungsverwaltung" (AppMgmt) C:\WINDOWS\System32\appmgmts.dll File not found
|||||| "ASP.NET-Zustandsdienst" (aspnet_state) "Microsoft Corporation" C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe File exists
|||||| "Avira AntiVir Guard" (AntiVirService) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\avguard.exe File exists
|||||| "Avira AntiVir Planer" (AntiVirSchedulerService) "Avira GmbH" C:\Programme\Avira\AntiVir Desktop\sched.exe File exists
|| "ICQ Service" (ICQ Service) C:\Programme\ICQ6Toolbar\ICQ Service.exe File exists
|||| "InstallDriver Table Manager" (IDriverT) "Macrovision Corporation" C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe File exists
|||||| "Java Quick Starter" (JavaQuickStarterService) "Sun Microsystems, Inc." C:\Programme\Java\jre6\bin\jqs.exe File exists
"nProtect GameGuard Service" (npggsvc) "INCA Internet Co., Ltd." C:\WINDOWS\system32\GameMon.des File exists
|||||| "Private Folder Service" (prfldsvc) C:\Programme\Microsoft Private Folder 1.0\PrfldSvc.exe File found, but it contains no detailed information
|||||| "Windows CardSpace" (idsvc) "Microsoft Corporation" c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe File exists
|||||| "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) "Microsoft Corporation" c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe File exists

Winlogon
HKCU\Control Panel\IOProcs
"MVB" mvfs32.dll File not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" appmgmts.dll File not found

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
```