Here is the OSAM log:
OSAM Logfile:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:29:31 on 01.05.2011
OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702
Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"Automatische Problemsuche.job" - "TuneUp Software" - C:\Programme\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"ALSNDMGR.CPL" - "Realtek Semiconductor Corp." - C:\WINDOWS\system32\ALSNDMGR.CPL
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\WINDOWS\system32\DivXControlPanelApplet.cpl
"igfxcpl.cpl" - "Intel Corporation" - C:\WINDOWS\system32\igfxcpl.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"VCCenter.cpl" - "Sony Corporation" - C:\WINDOWS\system32\VCCenter.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"Avira AntiVir Personal – Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AEGIS Protocol (IEEE 802.1x) v3.1.0.1" (AegisP) - "Meetinghouse Data Communications" - C:\WINDOWS\System32\DRIVERS\AegisP.sys
"Alps Pointing-device Filter Driver" (ApfiltrService) - "Alps Electric Co., Ltd." - C:\WINDOWS\System32\DRIVERS\Apfiltr.sys
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"BrPar" (BrPar) - "Brother Industries Ltd." - C:\WINDOWS\System32\drivers\BrPar.sys
"catchme" (catchme) - ? - C:\DOKUME~1\Heisig\LOKALE~1\Temp\catchme.sys (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"Cisco Systems Inc. IPSec Driver" (CVPNDRVA) - "Cisco Systems, Inc." - C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
"HSFHWAZL" (HSFHWAZL) - "Conexant Systems, Inc." - C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys
"HSF_DP" (HSF_DP) - "Conexant Systems, Inc." - C:\WINDOWS\System32\DRIVERS\HSF_DP.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found)
"ialm" (ialm) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\ialmnt5.sys
"Intel(R) PRO Network Connection Driver" (E100B) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\e100b325.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"Service for Realtek HD Audio (WDM)" (IntcAzAudAddService) - "Realtek Semiconductor Corp." - C:\WINDOWS\System32\drivers\RtkHDAud.sys
"Sony Notebook Control Device" (SNC) - "Sony Corporation" - C:\WINDOWS\System32\Drivers\SonyNC.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"tifmsony" (tifmsony) - "Texas Instruments" - C:\WINDOWS\System32\drivers\tifmsony.sys
"TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
"ugldqpoc" (ugldqpoc) - ? - C:\DOKUME~1\Heisig\LOKALE~1\Temp\ugldqpoc.sys (Hidden registry entry, rootkit activity | File not found)
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)
"winachsf" (winachsf) - "Conexant Systems, Inc." - C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys
"WLAN Transport" (s24trans) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\s24trans.sys
[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Adobe.Acrobat.ContextMenu" - ? - (File not found | COM-object registry key not found)
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\OFFICE11\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\OFFICE11\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\OFFICE11\OLKFSTUB.DLL
{DEE12703-6333-4D4E-8F34-738C4DCC2E04} "RecordNow! SendToExt" - ? - C:\Programme\Sonic\RecordNow!\shlext.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{ED58A35B-B554-42AF-A26C-6F3D424200D3} "SPMPanel" - "Sony Corporation" - C:\Programme\Sony\VAIO Power Management\SPMPanel.dll
{4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Programme\TuneUp Utilities 2010\DseShExt-x86.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Programme\TuneUp Utilities 2010\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\WINDOWS\System32\uxtuneup.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll (File found, but it contains no detailed information)
{E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Google" - "Google Germany GmbH" - c:\programme\google\googletoolbar1.dll
<binary data> "ICQToolBar" - "ICQ" - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found)
<binary data> "{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} "DivXBrowserPlugin Object" - "DivX,Inc." - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll / hxxp://download.divx.com/player/DivXBrowserPlugin.cab
{0CCA191D-13A6-4E29-B746-314DEE697D83} "Facebook Photo Uploader 5 Control" - "The Facebook" - C:\WINDOWS\Downloaded Program Files\PhotoUploader5.ocx / hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
{8100D56A-5661-482C-BEE8-AFECE305D968} "Facebook Photo Uploader 5 Control" - "The Facebook" - C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx / hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
{5D637FAD-E202-48D1-8F18-5B9C459BD1E3} "Image Uploader Control" - "Aurigma, Inc." - C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx / hxxp://theme.naimg.net/120/lib/imageuploader/ImageUploader5.cab
{6E5E167B-1566-4316-B27F-0DDAB3484CF7} "Image Uploader Control" - "Aurigma, Inc." - C:\WINDOWS\Downloaded Program Files\ImageUploader4.ocx / hxxp://www.lokalisten.de/iup/ImageUploader4.cab
{EDFCB7CB-942C-4822-AF14-F0B687409848} "Image Uploader Control" - "Aurigma, Inc." - C:\WINDOWS\Downloaded Program Files\ImageUploader4.ocx / hxxp://www.lokalisten.de/iup/ImageUploader4.cab
{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} "Java Plug-in 1.5.0" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.5.0\bin\npjpi150.dll / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_13.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_13.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_13.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} "Office Update Installation Engine" - "Microsoft Corporation" - C:\WINDOWS\opuc.dll / hxxp://office.microsoft.com/officeupdate/content/opuc2.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx / hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
{166B1BCA-3F9C-11CF-8075-444553540000} "{166B1BCA-3F9C-11CF-8075-444553540000}" - ? - (File not found | COM-object registry key not found) / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"eBay - Homepage" - ? - C:\Programme\IrfanView\Ebay\Ebay.htm
"ICQ7" - "ICQ, LLC." - C:\Programme\ICQ7.0\ICQ.exe
"PokerStars.net" - "PokerStars" - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Google" - "Google Germany GmbH" - c:\programme\google\googletoolbar1.dll
{855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Germany GmbH" - c:\programme\google\googletoolbar1.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype add-on for Internet Explorer" - "Skype Technologies S.A." - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"VPN Client.lnk" - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\vpngui.exe (Shortcut exists | File exists)
"WinZip Quick Pick.lnk" - "WinZip Computing, Inc. and H.C. Top Systems B.V." - C:\Programme\WinZip\WZQKPICK.EXE (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Heisig\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"swg" - "Google Inc." - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Apoint" - "Alps Electric Co., Ltd." - C:\Programme\Apoint\Apoint.exe
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"DivXUpdate" - ? - "C:\Programme\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"HotKeysCmds" - "Intel Corporation" - C:\WINDOWS\system32\hkcmd.exe
"IgfxTray" - "Intel Corporation" - C:\WINDOWS\system32\igfxtray.exe
"Mouse Suite 98 Daemon" - "Primax Electronics Ltd." - ICO.EXE
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime
"SonyPowerCfg" - "Sony Corporation" - C:\Programme\Sony\VAIO Power Management\SPMgr.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Java\jre6\bin\jusched.exe"
"VAIO Update 2" - ? - "C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"HP Standard TCP/IP Port" - "Hewlett Packard" - C:\WINDOWS\system32\hptcpmon.dll
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Cisco Systems, Inc. VPN Service" (CVPND) - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe
"EvtEng" (EvtEng) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
"Google Updater Service" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"ICQ Service" (ICQ Service) - ? - C:\Programme\ICQ6Toolbar\ICQ Service.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"RegSrvc" (RegSrvc) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
"Spectrum24 Event Monitor" (S24EventMonitor) - "Intel Corporation " - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
"TuneUp Designerweiterung" (UxTuneUp) - "TuneUp Software" - C:\WINDOWS\System32\uxtuneup.dll
"TuneUp Drive Defrag-Dienst" (TuneUp.Defrag) - "TuneUp Software" - C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe
"TuneUp Utilities Service" (TuneUp.UtilitiesSvc) - "TuneUp Software" - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
"VAIO Cooporated Initialisation" (VCI) - "Sony Corporation" - C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
"VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Programme\Sony\VAIO Event Service\VESMgr.exe
"VAIO Media Gateway Server" (VAIOMediaPlatform-Mobile-Gateway) - "Sony Corporation" - C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
"VAIO Media Integrated Server" (VAIOMediaPlatform-IntegratedServer-AppServer) - "Sony Corporation" - C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe
"VAIO Media Integrated Server (HTTP)" (VAIOMediaPlatform-IntegratedServer-HTTP) - "Sony Corporation" - C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
"VAIO Media Integrated Server (UPnP)" (VAIOMediaPlatform-IntegratedServer-UPnP) - "Sony Corporation" - C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"igfxcui" - "Intel Corporation" - C:\WINDOWS\system32\igfxsrvc.dll
"VESWinlogon" - "Sony Corporation" - C:\WINDOWS\system32\VESWinlogon.dll
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll
[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll
===[ Logfile end ]=========================================[ Logfile end ]=== --- --- ---
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
And here is the MBR check:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x000000cc
Kernel Drivers (total 138):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806D1000 \WINDOWS\system32\hal.dll
0xF8A26000 \WINDOWS\system32\KDCOM.DLL
0xF8936000 \WINDOWS\system32\BOOTVID.dll
0xF83F6000 ACPI.sys
0xF8A28000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF83E5000 pci.sys
0xF8526000 isapnp.sys
0xF8536000 ohci1394.sys
0xF8546000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF893A000 compbatt.sys
0xF893E000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF8AEE000 pciide.sys
0xF87A6000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF8A2A000 intelide.sys
0xF83C7000 pcmcia.sys
0xF8556000 MountMgr.sys
0xF83A8000 ftdisk.sys
0xF8A2C000 dmload.sys
0xF8382000 dmio.sys
0xF8942000 ACPIEC.sys
0xF8AEF000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xF87AE000 PartMgr.sys
0xF8566000 VolSnap.sys
0xF836A000 atapi.sys
0xF8576000 disk.sys
0xF8586000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF834A000 fltmgr.sys
0xF8338000 sr.sys
0xF8596000 PxHelp20.sys
0xF8321000 KSecDD.sys
0xF8294000 Ntfs.sys
0xF8267000 NDIS.sys
0xF824D000 Mup.sys
0xF85B6000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xF8656000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF89FA000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF7514000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xF7500000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF74D8000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF8876000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF74B4000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF887E000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF8666000 \SystemRoot\system32\drivers\tifmsony.sys
0xF71A4000 \SystemRoot\system32\DRIVERS\w29n51.sys
0xF717E000 \SystemRoot\system32\DRIVERS\e100b325.sys
0xF8886000 \SystemRoot\System32\Drivers\SonyNC.sys
0xF8686000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF888E000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF7167000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0xF8896000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF8696000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF86A6000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF86B6000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF7144000 \SystemRoot\system32\DRIVERS\ks.sys
0xF889E000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF86C6000 \SystemRoot\system32\DRIVERS\avmwan.sys
0xF7126000 \SystemRoot\system32\DRIVERS\dne2000.sys
0xF8C3C000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF86D6000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF8A06000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF710F000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF86E6000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF86F6000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF88AE000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF70FE000 \SystemRoot\system32\DRIVERS\psched.sys
0xF8706000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF88B6000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF88BE000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF70CE000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF8716000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF8A5C000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF7070000 \SystemRoot\system32\DRIVERS\update.sys
0xF8214000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF8726000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF4DCF000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xF4DAB000 \SystemRoot\system32\drivers\portcls.sys
0xF8736000 \SystemRoot\system32\drivers\drmk.sys
0xF4D83000 \SystemRoot\system32\DRIVERS\HSFHWAZL.sys
0xF4C84000 \SystemRoot\system32\DRIVERS\HSF_DP.sys
0xF4BDC000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xF88C6000 \SystemRoot\System32\Drivers\Modem.SYS
0xF8746000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF8A60000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF8ADE000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF8B7B000 \SystemRoot\System32\Drivers\Null.SYS
0xF8AE0000 \SystemRoot\System32\Drivers\Beep.SYS
0xF88E6000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF88EE000 \SystemRoot\System32\drivers\vga.sys
0xF8AE2000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF8AE4000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF88F6000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF88FE000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF89CA000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xF4B00000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xF4AA7000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xF4A7F000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF4A5D000 \SystemRoot\System32\drivers\afd.sys
0xF8786000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF8906000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xF4A32000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xF49C2000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF8796000 \SystemRoot\System32\Drivers\Fips.SYS
0xF499C000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF85C6000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF78C9000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xF890E000 \SystemRoot\system32\DRIVERS\usbprint.sys
0xF8B8F000 \SystemRoot\system32\DRIVERS\DMICall.sys
0xF48B8000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xF8A36000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
0xF7021000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xF8606000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF7011000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xF8616000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xF48A0000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF8A42000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF4BB4000 \SystemRoot\System32\drivers\Dxapi.sys
0xF87D6000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF8C63000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBF3DC000 \SystemRoot\System32\ATMFD.DLL
0xF25D8000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xF260C000 \SystemRoot\system32\DRIVERS\AegisP.sys
0xF2608000 \SystemRoot\system32\DRIVERS\s24trans.sys
0xF25BC000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xF218B000 \SystemRoot\system32\drivers\wdmaud.sys
0xF2338000 \SystemRoot\system32\drivers\sysaudio.sys
0xF1CEB000 \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
0xF1BCB000 \SystemRoot\system32\DRIVERS\srv.sys
0xF1D9B000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xF1842000 \SystemRoot\System32\Drivers\HTTP.sys
0xF8B3F000 \??\C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
0xF0B7D000 \SystemRoot\System32\Drivers\hiber_WMILIB.SYS
0xF09C9000 \??\C:\DOKUME~1\Heisig\LOKALE~1\Temp\ugldqpoc.sys
0xF099E000 \SystemRoot\system32\drivers\kmixer.sys
0x7C910000 \WINDOWS\system32\ntdll.dll
Processes (total 47):
0 System Idle Process
4 System
1032 C:\WINDOWS\system32\smss.exe
1408 csrss.exe
1480 C:\WINDOWS\system32\winlogon.exe
1572 C:\WINDOWS\system32\services.exe
1584 C:\WINDOWS\system32\lsass.exe
1800 C:\WINDOWS\system32\svchost.exe
1948 svchost.exe
1988 C:\WINDOWS\system32\svchost.exe
196 C:\Programme\Intel\Wireless\Bin\EvtEng.exe
344 C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
432 svchost.exe
608 svchost.exe
996 C:\WINDOWS\system32\BRSVC01A.EXE
1016 C:\WINDOWS\system32\BRSS01A.EXE
1008 C:\WINDOWS\system32\spoolsv.exe
1224 C:\WINDOWS\explorer.exe
1232 C:\Programme\Avira\AntiVir Desktop\sched.exe
2012 C:\Programme\Apoint\Apoint.exe
2032 C:\WINDOWS\system32\ico.exe
1048 C:\Programme\Sony\VAIO Power Management\SPMgr.exe
1060 C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe
1396 C:\Programme\Java\jre6\bin\jusched.exe
1388 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
1356 C:\Programme\divx\DivX Update\DivXUpdate.exe
1816 C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
532 C:\Programme\Apoint\ApntEx.exe
816 C:\Programme\WinZip\WZQKPICK.EXE
1708 C:\Programme\Avira\AntiVir Desktop\avguard.exe
1904 C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
496 C:\Programme\Bonjour\mDNSResponder.exe
744 C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
1728 C:\Programme\ICQ6Toolbar\ICQ Service.exe
1500 C:\Programme\Java\jre6\bin\jqs.exe
832 C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
1832 C:\WINDOWS\system32\nvsvc32.exe
480 C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
3604 C:\WINDOWS\system32\svchost.exe
3668 C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
3976 C:\Programme\Sony\VAIO Event Service\VESMgr.exe
2208 C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
3136 alg.exe
396 C:\WINDOWS\system32\wbem\wmiapsrv.exe
332 C:\Programme\Mozilla Firefox\firefox.exe
3888 C:\WINDOWS\system32\notepad.exe
3616 C:\Dokumente und Einstellungen\Heisig\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000001`bf1f2000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000008`bb9c1e00 (NTFS)
PhysicalDrive0 Model Number: FUJITSUMHT2080AT, Rev: 0022
Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11
Done!