| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht mehWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.06.2011, 16:27
| #16 |
 |  Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh ne. hab nur tm runtergeschmissen. soll antivir folgen? schmeiss das jetzt auch runter. Geändert von nikelone (21.06.2011 um 16:34 Uhr) |
|
21.06.2011, 16:48
| #17 |
| | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh so denn,
__________________avira ist auch weg. Fragen: 1. Ursache für Infekt gefaktes adobe update (oder eher ominöser facebook virus)?? Dies will sich nämlich wieder updaten; lass aber die Finger davon. 2. Geblockte Autostartprogramme-Meldung auch eine Folge des Infekts? Ansonsten vorerst keine weiteren Fragen; erwarte ggf. weitere Anweisungen und vielen Dank für deinen bisherigen support. Grüße Niko |
|
21.06.2011, 21:44
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh Erstell bitte ein neues OTL-Custom-Log, da sich die Systemkonfig jetzt ja signifikant verändert hat.
__________________
__________________ |
|
22.06.2011, 08:02
| #19 |
| | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh moin, so, hier der aktuelle otl scan:OTL Logfile: Code:
ATTFilter OTL logfile created on: 22.06.2011 08:33:17 - Run 2 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Nikel\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,99 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,76% Memory free 6,18 Gb Paging File | 5,12 Gb Available in Paging File | 82,85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 287,95 Gb Total Space | 36,72 Gb Free Space | 12,75% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 4,58 Gb Free Space | 45,84% Space Free | Partition Type: NTFS Drive F: | 1,86 Gb Total Space | 1,62 Gb Free Space | 87,41% Space Free | Partition Type: FAT Computer Name: SCHLEPPTOP | User Name: Nikel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.06.21 12:40:03 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Nikel\Desktop\OTL.exe PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2009.11.13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Programme\Dell DataSafe Online\DataSafeOnline.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2009.02.26 17:02:53 | 000,067,128 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe PRC - [2008.11.07 20:21:16 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Programme\Dell\MediaDirect\PCMService.exe PRC - [2008.10.04 14:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Programme\Dell Support Center\bin\sprtsvc.exe PRC - [2008.10.04 14:58:02 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Programme\Dell Support Center\bin\sprtcmd.exe PRC - [2008.09.23 23:09:52 | 001,295,656 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DellDock.exe PRC - [2008.09.23 23:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe PRC - [2008.07.17 14:00:36 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\hidfind.exe PRC - [2008.07.17 14:00:18 | 000,196,608 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\Apoint.exe PRC - [2008.07.17 14:00:18 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApntEx.exe PRC - [2008.07.17 14:00:16 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApMsgFwd.exe PRC - [2008.07.17 12:23:04 | 000,442,433 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe PRC - [2008.07.17 12:23:02 | 000,221,239 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\stacsv.exe PRC - [2008.07.17 12:22:56 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\AEstSrv.exe PRC - [2008.07.09 15:31:46 | 001,616,976 | ---- | M] (Dell Inc.) -- C:\Programme\Dell\QuickSet\quickset.exe PRC - [2008.06.05 16:26:36 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008.06.03 16:54:56 | 000,446,635 | ---- | M] (Creative Technology Ltd.) -- C:\Programme\Dell Webcam\Dell Webcam Central\WebcamDell.exe PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.09 13:32:08 | 000,789,008 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe PRC - [2008.01.09 13:28:58 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe ========== Modules (SafeList) ========== MOD - [2011.06.21 12:40:03 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Nikel\Desktop\OTL.exe MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009.01.29 20:20:06 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2008.10.04 14:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) SRV - [2008.09.23 23:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2008.07.17 12:23:02 | 000,221,239 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\stacsv.exe -- (STacSV) SRV - [2008.07.17 12:22:56 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\AEstSrv.exe -- (AESTFilters) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.09 13:30:08 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) ========== Driver Services (SafeList) ========== DRV - [2010.02.26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010.02.26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010.02.26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010.02.26 14:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010.02.26 14:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2009.03.08 17:06:00 | 000,280,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid) DRV - [2009.03.06 07:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd) DRV - [2008.11.24 11:16:10 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2008.11.24 11:16:10 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.07.28 11:46:32 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir) DRV - [2008.07.17 14:00:14 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008.07.17 12:23:06 | 000,379,904 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008.07.04 07:35:48 | 003,663,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008.07.03 10:58:26 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2008.07.03 10:58:24 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2008.07.03 10:58:22 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2008.05.29 13:03:34 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM) DRV - [2008.01.21 04:23:25 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2) DRV - [2008.01.21 04:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R) DRV - [2007.11.29 03:17:56 | 000,036,368 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2007.11.29 03:17:48 | 000,035,088 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Personalisierte Startseite IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Personalisierte Startseite IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy2:8080 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google Desktop" FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 44 FF - prefs.js..extensions.enabledItems: {22181a4d-af90-4ca3-a569-faed9118d6bc}:1.2.0.1110 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..network.proxy.backup.ftp: "proxy2" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.gopher: "proxy2" FF - prefs.js..network.proxy.backup.gopher_port: 8080 FF - prefs.js..network.proxy.backup.socks: "proxy2" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "proxy2" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "proxy2" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.gopher: "proxy2" FF - prefs.js..network.proxy.gopher_port: 8080 FF - prefs.js..network.proxy.http: "proxy2" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "proxy2" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "proxy2" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.07.28 16:28:01 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.02 17:58:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.07 08:09:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.07.28 16:28:02 | 000,000,000 | ---D | M] [2009.02.02 19:35:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikel\AppData\Roaming\mozilla\Extensions [2011.05.02 08:34:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikel\AppData\Roaming\mozilla\Firefox\Profiles\srplp6xa.default\extensions [2009.10.06 20:05:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nikel\AppData\Roaming\mozilla\Firefox\Profiles\srplp6xa.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009.10.06 20:05:41 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Nikel\AppData\Roaming\mozilla\Firefox\Profiles\srplp6xa.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011.06.11 15:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.05.23 10:43:20 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2010.05.23 18:52:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.09 21:25:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.15 19:12:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.10 09:36:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.04.11 07:59:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.06.11 15:34:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- [2011.05.23 10:43:20 | 000,000,000 | ---D | M] (Skype extension) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2010.03.31 08:57:34 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [2010.05.23 18:52:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.09 21:25:19 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.15 19:12:33 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.10 09:36:09 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.04.11 07:59:52 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.06.11 15:34:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programme\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.) O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe () O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Users\Nikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Programme\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O24 - Desktop WallPaper: C:\Users\Nikel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Nikel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{1aa73041-996f-11df-904c-002219ddd3a2}\Shell - "" = Autorun O33 - MountPoints2\{1aa73041-996f-11df-904c-002219ddd3a2}\Shell\AutoRun\command - "" = F:\Install_Nokia_Ovi_Suite.exe O33 - MountPoints2\{6e46fb2c-4fc1-11df-bf46-002219ddd3a2}\Shell - "" = AutoRun O33 - MountPoints2\{6e46fb2c-4fc1-11df-bf46-002219ddd3a2}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.06.21 16:00:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.06.21 12:40:01 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Nikel\Desktop\OTL.exe [2011.06.20 21:21:25 | 000,000,000 | ---D | C] -- C:\Users\Nikel\AppData\Roaming\Malwarebytes [2011.06.20 21:21:11 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.06.20 21:21:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.06.20 21:21:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.06.20 21:21:06 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.06.20 21:21:05 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.06.20 09:03:27 | 000,000,000 | ---D | C] -- C:\Users\Nikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair [2011.06.07 08:09:29 | 000,000,000 | ---D | C] -- C:\Programme\Adobe [2011.05.28 19:42:38 | 000,000,000 | ---D | C] -- C:\Users\Nikel\AppData\Roaming\go [2011.05.28 19:42:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO [2011.05.27 11:10:18 | 000,000,000 | ---D | C] -- C:\Users\Nikel\Documents\gegl-0.0 [2011.05.27 11:10:18 | 000,000,000 | ---D | C] -- C:\Users\Nikel\.gimp-2.6 [2011.05.27 11:10:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP [2011.05.27 11:09:41 | 000,000,000 | ---D | C] -- C:\Programme\GIMP-2.0 [2011.05.27 11:06:38 | 000,000,000 | ---D | C] -- C:\Users\Nikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge [2011.05.27 11:06:37 | 000,000,000 | ---D | C] -- C:\Programme\pdfsam [2011.05.23 10:43:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras [2011.05.23 10:42:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype [2011.05.23 10:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2009.09.02 19:06:53 | 008,653,312 | ---- | C] (Dell, Inc. ) -- C:\Users\Nikel\AppData\Roaming\DataSafeDotNet.exe ========== Files - Modified Within 30 Days ========== [2011.06.22 08:26:32 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.06.22 08:23:15 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.22 08:23:15 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.22 08:23:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.22 08:23:05 | 3215,831,040 | -HS- | M] () -- C:\hiberfil.sys [2011.06.21 18:12:16 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.06.21 17:37:27 | 000,000,680 | ---- | M] () -- C:\Users\Nikel\AppData\Local\d3d9caps.dat [2011.06.21 15:19:59 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.06.21 13:13:45 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.06.21 13:13:45 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.06.21 13:13:45 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.06.21 13:13:45 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.06.21 12:40:03 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Nikel\Desktop\OTL.exe [2011.06.20 09:06:16 | 000,000,392 | ---- | M] () -- C:\ProgramData\50650844 [2011.06.20 09:03:34 | 000,000,216 | ---- | M] () -- C:\ProgramData\~50650844 [2011.06.20 09:03:33 | 000,000,152 | ---- | M] () -- C:\ProgramData\~50650844r [2011.06.20 09:03:29 | 000,000,593 | ---- | M] () -- C:\Users\Nikel\Desktop\Windows Vista Repair.lnk [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.05.27 11:06:38 | 000,000,856 | ---- | M] () -- C:\Users\Nikel\Desktop\pdfsam.lnk ========== Files Created - No Company Name ========== [2011.06.20 09:28:49 | 3215,831,040 | -HS- | C] () -- C:\hiberfil.sys [2011.06.20 09:03:33 | 000,000,216 | ---- | C] () -- C:\ProgramData\~50650844 [2011.06.20 09:03:33 | 000,000,152 | ---- | C] () -- C:\ProgramData\~50650844r [2011.06.20 09:03:29 | 000,000,593 | ---- | C] () -- C:\Users\Nikel\Desktop\Windows Vista Repair.lnk [2011.06.20 09:03:19 | 000,000,392 | ---- | C] () -- C:\ProgramData\50650844 [2011.06.07 08:09:35 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2011.05.27 11:06:38 | 000,000,856 | ---- | C] () -- C:\Users\Nikel\Desktop\pdfsam.lnk [2010.07.27 15:46:16 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin [2010.01.09 00:43:06 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat [2009.06.01 19:13:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.06.01 19:13:22 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.04.14 09:59:15 | 000,004,096 | ---- | C] () -- C:\Users\Nikel\AppData\Local\keyfile3.drm [2009.02.18 20:51:38 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2009.02.18 17:55:36 | 000,000,680 | ---- | C] () -- C:\Users\Nikel\AppData\Local\d3d9caps.dat [2009.02.04 18:21:01 | 000,158,837 | ---- | C] () -- C:\Windows\hpoins15.dat [2009.02.04 17:54:43 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2009.02.02 20:17:08 | 000,067,072 | ---- | C] () -- C:\Users\Nikel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.01.30 04:40:06 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2009.01.30 04:40:06 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2009.01.30 04:40:06 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2009.01.30 04:40:06 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2009.01.30 04:37:05 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.01.29 20:47:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009.01.29 20:14:28 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin [2009.01.29 20:06:06 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2008.01.21 09:15:58 | 000,618,442 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 09:15:58 | 000,122,842 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.08.22 10:16:00 | 000,046,456 | R--- | C] () -- C:\Windows\System32\exitwx.exe [2007.06.06 01:04:20 | 000,001,039 | ---- | C] () -- C:\Windows\hpomdl15.dat [2007.04.16 04:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,331,952 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI [2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2011.03.30 10:14:41 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\elsterformular [2011.06.22 08:27:09 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\go [2010.07.28 16:48:13 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Nokia [2010.07.28 16:48:14 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Nokia Ovi Suite [2010.07.28 16:39:55 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\PC Suite [2011.06.21 18:12:16 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2009.02.07 21:33:57 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Adobe [2010.12.31 14:01:17 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Ahead [2009.02.02 17:24:28 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\ATI [2009.02.02 19:54:04 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\CyberLink [2009.02.02 17:19:29 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Dell [2010.07.21 18:44:56 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\DivX [2011.01.21 19:01:57 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\dvdcss [2011.03.30 10:14:41 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\elsterformular [2011.06.22 08:27:09 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\go [2009.02.02 19:31:36 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Google [2009.02.16 14:34:01 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\HP [2009.02.04 18:29:38 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\HPAppData [2009.02.02 17:23:22 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Identities [2009.02.02 19:58:56 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\InstallShield [2009.02.26 17:06:04 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Logitech [2009.02.02 19:32:51 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Macromedia [2011.06.20 21:21:25 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Malwarebytes [2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Media Center Programs [2011.06.20 09:27:02 | 000,000,000 | --SD | M] -- C:\Users\Nikel\AppData\Roaming\Microsoft [2009.02.02 19:35:56 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Mozilla [2010.07.28 16:48:13 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Nokia [2010.07.28 16:48:14 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Nokia Ovi Suite [2010.07.28 16:39:55 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\PC Suite [2010.01.03 11:10:05 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Roxio [2011.06.22 08:27:03 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\Skype [2011.05.28 18:29:18 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\skypePM [2009.08.31 20:34:34 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\vlc [2009.02.09 19:15:33 | 000,000,000 | ---D | M] -- C:\Users\Nikel\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2010.01.18 12:29:05 | 008,653,312 | ---- | M] (Dell, Inc. ) -- C:\Users\Nikel\AppData\Roaming\DataSafeDotNet.exe [2009.02.26 17:03:08 | 000,010,134 | R--- | M] () -- C:\Users\Nikel\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.01.30 04:22:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys [2009.01.30 04:22:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2009.01.30 04:22:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTORV.SYS > [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WININIT.EXE > [2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2008.11.24 11:16:08 | 000,421,888 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll [2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2011.02.22 08:16:39 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll < End of report > gruß niko |
|
22.06.2011, 11:21
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
O4 - HKCU..\Run: [] File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1aa73041-996f-11df-904c-002219ddd3a2}\Shell - "" = Autorun
O33 - MountPoints2\{1aa73041-996f-11df-904c-002219ddd3a2}\Shell\AutoRun\command - "" = F:\Install_Nokia_Ovi_Suite.exe
O33 - MountPoints2\{6e46fb2c-4fc1-11df-bf46-002219ddd3a2}\Shell - "" = AutoRun
O33 - MountPoints2\{6e46fb2c-4fc1-11df-bf46-002219ddd3a2}\Shell\AutoRun\command - "" = F:\AutoRun.exe
[2011.06.20 09:03:29 | 000,000,593 | ---- | M] () -- C:\Users\Nikel\Desktop\Windows Vista Repair.lnk
[2011.06.20 09:03:27 | 000,000,000 | ---D | C] -- C:\Users\Nikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair
[2011.06.20 09:03:29 | 000,000,593 | ---- | C] () -- C:\Users\Nikel\Desktop\Windows Vista Repair.lnk
:Files
C:\ProgramData\~*
C:\ProgramData\5*
:Commands
[purity]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
22.06.2011, 12:02
| #21 |
| | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh so, hier das logfile nach fix: ========== OTL ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! C:\autoexec.bat moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1aa73041-996f-11df-904c-002219ddd3a2}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1aa73041-996f-11df-904c-002219ddd3a2}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1aa73041-996f-11df-904c-002219ddd3a2}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1aa73041-996f-11df-904c-002219ddd3a2}\ not found. File F:\Install_Nokia_Ovi_Suite.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e46fb2c-4fc1-11df-bf46-002219ddd3a2}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e46fb2c-4fc1-11df-bf46-002219ddd3a2}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e46fb2c-4fc1-11df-bf46-002219ddd3a2}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e46fb2c-4fc1-11df-bf46-002219ddd3a2}\ not found. File F:\AutoRun.exe not found. C:\Users\Nikel\Desktop\Windows Vista Repair.lnk moved successfully. C:\Users\Nikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair folder moved successfully. File C:\Users\Nikel\Desktop\Windows Vista Repair.lnk not found. ========== FILES ========== C:\ProgramData\~50650844 moved successfully. C:\ProgramData\~50650844r moved successfully. C:\ProgramData\50650844 moved successfully. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.24.1 log created on 06222011_125901 |
|
22.06.2011, 12:19
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.06.2011, 12:28
| #23 |
| | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh hier das tdss-log: 2011/06/22 13:25:06.0167 1428 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15 2011/06/22 13:25:06.0343 1428 ================================================================================ 2011/06/22 13:25:06.0343 1428 SystemInfo: 2011/06/22 13:25:06.0343 1428 2011/06/22 13:25:06.0343 1428 OS Version: 6.0.6002 ServicePack: 2.0 2011/06/22 13:25:06.0343 1428 Product type: Workstation 2011/06/22 13:25:06.0343 1428 ComputerName: SCHLEPPTOP 2011/06/22 13:25:06.0343 1428 UserName: Nikel 2011/06/22 13:25:06.0343 1428 Windows directory: C:\Windows 2011/06/22 13:25:06.0343 1428 System windows directory: C:\Windows 2011/06/22 13:25:06.0343 1428 Processor architecture: Intel x86 2011/06/22 13:25:06.0343 1428 Number of processors: 2 2011/06/22 13:25:06.0343 1428 Page size: 0x1000 2011/06/22 13:25:06.0343 1428 Boot type: Normal boot 2011/06/22 13:25:06.0343 1428 ================================================================================ 2011/06/22 13:25:07.0510 1428 Initialize success 2011/06/22 13:25:10.0309 3128 ================================================================================ 2011/06/22 13:25:10.0309 3128 Scan started 2011/06/22 13:25:10.0309 3128 Mode: Manual; 2011/06/22 13:25:10.0309 3128 ================================================================================ 2011/06/22 13:25:11.0521 3128 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2011/06/22 13:25:11.0591 3128 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2011/06/22 13:25:11.0643 3128 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2011/06/22 13:25:11.0683 3128 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2011/06/22 13:25:11.0715 3128 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2011/06/22 13:25:11.0798 3128 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys 2011/06/22 13:25:11.0844 3128 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2011/06/22 13:25:11.0884 3128 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/06/22 13:25:11.0917 3128 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2011/06/22 13:25:11.0951 3128 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2011/06/22 13:25:11.0978 3128 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2011/06/22 13:25:12.0007 3128 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2011/06/22 13:25:12.0033 3128 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2011/06/22 13:25:12.0085 3128 ApfiltrService (1de27858a431a5749e0f3df54ba935b9) C:\Windows\system32\DRIVERS\Apfiltr.sys 2011/06/22 13:25:12.0127 3128 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2011/06/22 13:25:12.0170 3128 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2011/06/22 13:25:12.0206 3128 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/06/22 13:25:12.0274 3128 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2011/06/22 13:25:12.0428 3128 atikmdag (47dcf5d78c395159d72c65c25129fc44) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/06/22 13:25:12.0532 3128 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2011/06/22 13:25:12.0580 3128 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2011/06/22 13:25:12.0662 3128 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 2011/06/22 13:25:12.0697 3128 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/06/22 13:25:12.0722 3128 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2011/06/22 13:25:12.0759 3128 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/06/22 13:25:12.0785 3128 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/06/22 13:25:12.0815 3128 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/06/22 13:25:12.0841 3128 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/06/22 13:25:12.0908 3128 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys 2011/06/22 13:25:12.0961 3128 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2011/06/22 13:25:13.0006 3128 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 2011/06/22 13:25:13.0063 3128 BthPort (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys 2011/06/22 13:25:13.0114 3128 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys 2011/06/22 13:25:13.0149 3128 btwaudio (58c4b59d0ebfb637e2e296cf4a686ba0) C:\Windows\system32\drivers\btwaudio.sys 2011/06/22 13:25:13.0181 3128 btwavdt (e8cc9436cc464d6975adbc4aece0ba7b) C:\Windows\system32\drivers\btwavdt.sys 2011/06/22 13:25:13.0254 3128 btwl2cap (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys 2011/06/22 13:25:13.0304 3128 btwrchid (62ed55843f8216eb25a909a820613033) C:\Windows\system32\DRIVERS\btwrchid.sys 2011/06/22 13:25:13.0352 3128 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/06/22 13:25:13.0426 3128 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2011/06/22 13:25:13.0457 3128 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys 2011/06/22 13:25:13.0518 3128 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2011/06/22 13:25:13.0608 3128 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/06/22 13:25:13.0641 3128 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2011/06/22 13:25:13.0656 3128 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2011/06/22 13:25:13.0678 3128 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2011/06/22 13:25:13.0706 3128 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2011/06/22 13:25:13.0787 3128 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys 2011/06/22 13:25:13.0869 3128 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2011/06/22 13:25:13.0941 3128 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys 2011/06/22 13:25:13.0988 3128 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys 2011/06/22 13:25:14.0029 3128 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys 2011/06/22 13:25:14.0093 3128 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2011/06/22 13:25:14.0141 3128 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 2011/06/22 13:25:14.0198 3128 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys 2011/06/22 13:25:14.0232 3128 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/06/22 13:25:14.0312 3128 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2011/06/22 13:25:14.0376 3128 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2011/06/22 13:25:14.0407 3128 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 2011/06/22 13:25:14.0491 3128 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2011/06/22 13:25:14.0551 3128 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2011/06/22 13:25:14.0587 3128 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2011/06/22 13:25:14.0630 3128 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2011/06/22 13:25:14.0660 3128 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2011/06/22 13:25:14.0691 3128 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/06/22 13:25:14.0756 3128 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2011/06/22 13:25:14.0804 3128 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2011/06/22 13:25:14.0840 3128 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2011/06/22 13:25:14.0976 3128 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys 2011/06/22 13:25:15.0056 3128 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/06/22 13:25:15.0095 3128 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/06/22 13:25:15.0134 3128 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys 2011/06/22 13:25:15.0181 3128 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2011/06/22 13:25:15.0222 3128 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2011/06/22 13:25:15.0312 3128 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2011/06/22 13:25:15.0338 3128 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2011/06/22 13:25:15.0374 3128 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/06/22 13:25:15.0417 3128 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2011/06/22 13:25:15.0456 3128 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/06/22 13:25:15.0510 3128 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2011/06/22 13:25:15.0548 3128 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/06/22 13:25:15.0594 3128 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/06/22 13:25:15.0645 3128 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2011/06/22 13:25:15.0668 3128 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/06/22 13:25:15.0700 3128 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/06/22 13:25:15.0726 3128 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2011/06/22 13:25:15.0781 3128 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/06/22 13:25:15.0811 3128 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/06/22 13:25:15.0857 3128 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys 2011/06/22 13:25:15.0892 3128 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/06/22 13:25:15.0939 3128 k57nd60x (a67e8cfcad7d4f8b35643d6c79ba64c3) C:\Windows\system32\DRIVERS\k57nd60x.sys 2011/06/22 13:25:15.0967 3128 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/06/22 13:25:16.0016 3128 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/06/22 13:25:16.0092 3128 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2011/06/22 13:25:16.0177 3128 LHidFilt (23d84187822a0020b9f1ea71c7db3193) C:\Windows\system32\DRIVERS\LHidFilt.Sys 2011/06/22 13:25:16.0210 3128 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/06/22 13:25:16.0239 3128 LMouFilt (596499c81cb4b5841f91cfe3f514d202) C:\Windows\system32\DRIVERS\LMouFilt.Sys 2011/06/22 13:25:16.0277 3128 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2011/06/22 13:25:16.0307 3128 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2011/06/22 13:25:16.0351 3128 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2011/06/22 13:25:16.0388 3128 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/06/22 13:25:16.0427 3128 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2011/06/22 13:25:16.0578 3128 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2011/06/22 13:25:16.0611 3128 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/06/22 13:25:16.0638 3128 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/06/22 13:25:16.0662 3128 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/06/22 13:25:16.0681 3128 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/06/22 13:25:16.0709 3128 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/06/22 13:25:16.0743 3128 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2011/06/22 13:25:16.0769 3128 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/06/22 13:25:16.0798 3128 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/06/22 13:25:16.0835 3128 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2011/06/22 13:25:16.0918 3128 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/06/22 13:25:16.0946 3128 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/06/22 13:25:16.0970 3128 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/06/22 13:25:17.0035 3128 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys 2011/06/22 13:25:17.0080 3128 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2011/06/22 13:25:17.0109 3128 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/06/22 13:25:17.0138 3128 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/06/22 13:25:17.0189 3128 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/06/22 13:25:17.0213 3128 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/06/22 13:25:17.0240 3128 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/06/22 13:25:17.0305 3128 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2011/06/22 13:25:17.0332 3128 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/06/22 13:25:17.0353 3128 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/06/22 13:25:17.0374 3128 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2011/06/22 13:25:17.0461 3128 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2011/06/22 13:25:17.0549 3128 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2011/06/22 13:25:17.0593 3128 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/06/22 13:25:17.0614 3128 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/06/22 13:25:17.0657 3128 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/06/22 13:25:17.0687 3128 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/06/22 13:25:17.0727 3128 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/06/22 13:25:17.0786 3128 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2011/06/22 13:25:17.0945 3128 NETw5v32 (0b214c6a4728f085fb64a29ed9c4de94) C:\Windows\system32\DRIVERS\NETw5v32.sys 2011/06/22 13:25:17.0998 3128 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/06/22 13:25:18.0060 3128 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\Windows\system32\drivers\ccdcmb.sys 2011/06/22 13:25:18.0114 3128 nmwcdc (3859c69a77793180548802dac9f34a38) C:\Windows\system32\drivers\ccdcmbo.sys 2011/06/22 13:25:18.0205 3128 nmwcdnsu (338f83ee9cb9e15eeacf0cbb90218cbf) C:\Windows\system32\drivers\nmwcdnsu.sys 2011/06/22 13:25:18.0293 3128 nmwcdnsuc (d15bac979144fb69ed28f97b2dd84d48) C:\Windows\system32\drivers\nmwcdnsuc.sys 2011/06/22 13:25:18.0334 3128 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2011/06/22 13:25:18.0391 3128 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/06/22 13:25:18.0485 3128 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2011/06/22 13:25:18.0515 3128 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/06/22 13:25:18.0552 3128 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/06/22 13:25:18.0600 3128 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2011/06/22 13:25:18.0638 3128 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2011/06/22 13:25:18.0683 3128 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2011/06/22 13:25:18.0775 3128 OA001Ufd (2cf21d5f8f1b74bb1922135ac2b12ddb) C:\Windows\system32\DRIVERS\OA001Ufd.sys 2011/06/22 13:25:18.0809 3128 OA001Vid (4075063d25af9da64101769854b83787) C:\Windows\system32\DRIVERS\OA001Vid.sys 2011/06/22 13:25:18.0874 3128 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/06/22 13:25:18.0929 3128 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/06/22 13:25:18.0992 3128 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2011/06/22 13:25:19.0019 3128 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/06/22 13:25:19.0085 3128 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys 2011/06/22 13:25:19.0154 3128 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2011/06/22 13:25:19.0181 3128 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 2011/06/22 13:25:19.0211 3128 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/06/22 13:25:19.0272 3128 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/06/22 13:25:19.0371 3128 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/06/22 13:25:19.0397 3128 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2011/06/22 13:25:19.0475 3128 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2011/06/22 13:25:19.0540 3128 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys 2011/06/22 13:25:19.0604 3128 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2011/06/22 13:25:19.0635 3128 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/06/22 13:25:19.0665 3128 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/06/22 13:25:19.0780 3128 R300 (47dcf5d78c395159d72c65c25129fc44) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/06/22 13:25:19.0824 3128 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/06/22 13:25:19.0857 3128 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/06/22 13:25:19.0917 3128 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/06/22 13:25:19.0966 3128 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2011/06/22 13:25:20.0030 3128 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2011/06/22 13:25:20.0046 3128 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/06/22 13:25:20.0086 3128 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2011/06/22 13:25:20.0102 3128 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/06/22 13:25:20.0147 3128 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2011/06/22 13:25:20.0204 3128 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/06/22 13:25:20.0259 3128 rimmptsk (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys 2011/06/22 13:25:20.0282 3128 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys 2011/06/22 13:25:20.0372 3128 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys 2011/06/22 13:25:20.0389 3128 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys 2011/06/22 13:25:20.0426 3128 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys 2011/06/22 13:25:20.0460 3128 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/06/22 13:25:20.0498 3128 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/06/22 13:25:20.0568 3128 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 2011/06/22 13:25:20.0600 3128 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/06/22 13:25:20.0632 3128 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/06/22 13:25:20.0666 3128 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/06/22 13:25:20.0695 3128 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/06/22 13:25:20.0753 3128 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys 2011/06/22 13:25:20.0777 3128 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2011/06/22 13:25:20.0840 3128 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys 2011/06/22 13:25:20.0868 3128 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/06/22 13:25:20.0904 3128 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/06/22 13:25:20.0933 3128 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/06/22 13:25:20.0963 3128 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/06/22 13:25:21.0028 3128 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/06/22 13:25:21.0051 3128 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/06/22 13:25:21.0111 3128 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 2011/06/22 13:25:21.0173 3128 srv2 (a5940ca32ed206f90be9fabdf6e92de4) C:\Windows\system32\DRIVERS\srv2.sys 2011/06/22 13:25:21.0238 3128 srvnet (37aa1d560d5fa486c4b11c2f276ada61) C:\Windows\system32\DRIVERS\srvnet.sys 2011/06/22 13:25:21.0312 3128 STHDA (5af1feec6945f4fa5efd00e0c6d8f9b9) C:\Windows\system32\DRIVERS\stwrt.sys 2011/06/22 13:25:21.0364 3128 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/06/22 13:25:21.0422 3128 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/06/22 13:25:21.0466 3128 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/06/22 13:25:21.0501 3128 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/06/22 13:25:21.0595 3128 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2011/06/22 13:25:21.0640 3128 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2011/06/22 13:25:21.0706 3128 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2011/06/22 13:25:21.0741 3128 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/06/22 13:25:21.0770 3128 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/06/22 13:25:21.0830 3128 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/06/22 13:25:21.0911 3128 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/06/22 13:25:21.0957 3128 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/06/22 13:25:21.0999 3128 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/06/22 13:25:22.0034 3128 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/06/22 13:25:22.0062 3128 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/06/22 13:25:22.0243 3128 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/06/22 13:25:22.0295 3128 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/06/22 13:25:22.0334 3128 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/06/22 13:25:22.0360 3128 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/06/22 13:25:22.0395 3128 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/06/22 13:25:22.0425 3128 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/06/22 13:25:22.0479 3128 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys 2011/06/22 13:25:22.0564 3128 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/06/22 13:25:22.0592 3128 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/06/22 13:25:22.0651 3128 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/06/22 13:25:22.0679 3128 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/06/22 13:25:22.0708 3128 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/06/22 13:25:22.0758 3128 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2011/06/22 13:25:22.0809 3128 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2011/06/22 13:25:22.0885 3128 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys 2011/06/22 13:25:22.0934 3128 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys 2011/06/22 13:25:22.0986 3128 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/06/22 13:25:23.0048 3128 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/06/22 13:25:23.0113 3128 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/06/22 13:25:23.0150 3128 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/06/22 13:25:23.0185 3128 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/06/22 13:25:23.0213 3128 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/06/22 13:25:23.0249 3128 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/06/22 13:25:23.0282 3128 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/06/22 13:25:23.0354 3128 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/06/22 13:25:23.0419 3128 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/06/22 13:25:23.0470 3128 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/06/22 13:25:23.0544 3128 VSTHWBS2 (c466021d31ff6c0a6069d12299d80c0b) C:\Windows\system32\DRIVERS\VSTBS23.SYS 2011/06/22 13:25:23.0613 3128 VST_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 2011/06/22 13:25:23.0662 3128 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/06/22 13:25:23.0693 3128 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/06/22 13:25:23.0716 3128 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/06/22 13:25:23.0758 3128 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/06/22 13:25:23.0818 3128 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 2011/06/22 13:25:23.0899 3128 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 2011/06/22 13:25:23.0964 3128 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/06/22 13:25:24.0032 3128 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2011/06/22 13:25:24.0063 3128 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/06/22 13:25:24.0145 3128 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/06/22 13:25:24.0289 3128 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 2011/06/22 13:25:24.0307 3128 ================================================================================ 2011/06/22 13:25:24.0307 3128 Scan finished 2011/06/22 13:25:24.0307 3128 ================================================================================ 2011/06/22 13:25:24.0316 4828 Detected object count: 0 2011/06/22 13:25:24.0316 4828 Actual detected object count: 0 |
|
22.06.2011, 13:17
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.06.2011, 13:58
| #25 |
| | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh so hier der cofi log: Combofix Logfile: Code:
ATTFilter ComboFix 11-06-21.08 - Nikel 22.06.2011 14:49:19.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3066.1748 [GMT 2:00]
ausgeführt von:: c:\users\Nikel\Desktop\cofi.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\AutoRun.inf
c:\windows\system32\service
c:\windows\system32\service\01072009_TIS17_SfFniAU.log
c:\windows\system32\service\05052009_TIS17_SfFniAU.log
c:\windows\system32\service\07042009_TIS17_SfFniAU.log
c:\windows\system32\service\13012010_TIS17_SfFniAU.log
c:\windows\system32\service\13102009_TIS17_SfFniAU.log
c:\windows\system32\service\14022011_TIS17_SfFniAU.log
c:\windows\system32\service\15012011_TIS17_SfFniAU.log
c:\windows\system32\service\18122010_TIS17_SfFniAU.log
c:\windows\system32\service\21042009_TIS17_SfFniAU.log
c:\windows\system32\service\21052011_TIS17_SfFniAU.log
c:\windows\system32\service\21072010_TIS17_SfFniAU.log
c:\windows\system32\service\22032009_TIS17_SfFniAU.log
c:\windows\system32\service\24122010_TIS17_SfFniAU.log
c:\windows\system32\service\25022011_TIS17_SfFniAU.log
c:\windows\system32\service\27012011_TIS17_SfFniAU.log
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-05-22 bis 2011-06-22 ))))))))))))))))))))))))))))))
.
.
2011-06-22 12:53 . 2011-06-22 12:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-22 10:59 . 2011-06-22 10:59 -------- d-----w- C:\_OTL
2011-06-20 19:21 . 2011-06-20 19:21 -------- d-----w- c:\users\Nikel\AppData\Roaming\Malwarebytes
2011-06-20 19:21 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-20 19:21 . 2011-06-20 19:21 -------- d-----w- c:\programdata\Malwarebytes
2011-06-20 19:21 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-20 19:21 . 2011-06-20 19:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-28 17:42 . 2011-06-22 06:27 -------- d-----w- c:\users\Nikel\AppData\Roaming\go
2011-05-28 17:42 . 2011-06-22 12:47 -------- d-----w- c:\programdata\Easybits GO
2011-05-27 09:10 . 2011-05-27 09:12 -------- d-----w- c:\users\Nikel\.gimp-2.6
2011-05-27 09:09 . 2011-05-27 09:09 -------- d-----w- c:\program files\GIMP-2.0
2011-05-27 09:06 . 2011-05-27 09:06 -------- d-----w- c:\program files\pdfsam
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-20 06:47 . 2011-05-22 14:28 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-04 02:52 . 2010-05-23 16:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-14 16:40 . 2011-05-02 15:58 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-08-04 20:15 . 2009-02-02 17:58 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-29 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-18 15146376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-07-17 196608]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-04 30192]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-11-07 132392]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-10-04 206064]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-11-29 55824]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-07-17 442433]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-29 1047656]
.
c:\users\Nikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-5 752168]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-2-26 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-2-26 789008]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-9 1616976]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-01-29 18:20 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R2 {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7};Power Control [2009/02/02 18:59];c:\program files\Dell\MediaDirect\000.fcl [x]
R2 gupdate1c9bdf9c2d92d68;Google Update Service (gupdate1c9bdf9c2d92d68);c:\program files\Google\Update\GoogleUpdate.exe [2009-04-15 133104]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-06-16 29736]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-04 30192]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-04-15 133104]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
R3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [2008-01-21 251904]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\aestsrv.exe [2008-07-17 73728]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-09-23 155648]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2008-07-28 54784]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2008-05-29 203264]
S3 NETw5v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-07-04 3663360]
S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys [2009-03-06 133632]
S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys [2009-03-08 280096]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 80072156
*Deregistered* - 80072156
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2011-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-15 18:41]
.
2011-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-15 18:41]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=5090130
uInternet Settings,ProxyServer = proxy2:8080
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\users\Nikel\AppData\Roaming\Mozilla\Firefox\Profiles\srplp6xa.default\
FF - prefs.js: browser.search.selectedEngine - Google Desktop
FF - prefs.js: browser.startup.homepage - Google
FF - prefs.js: network.proxy.ftp - proxy2
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - proxy2
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - proxy2
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - proxy2
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - proxy2
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-06-22 14:53
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7}]
"ImagePath"="\??\c:\program files\Dell\MediaDirect\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-06-22 14:54:45
ComboFix-quarantined-files.txt 2011-06-22 12:54
.
Vor Suchlauf: 12 Verzeichnis(se), 38.550.781.952 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 38.489.022.464 Bytes frei
.
- - End Of File - - 158EEFDAB709429F52E8807BC9ADA623
|
|
22.06.2011, 14:31
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.06.2011, 18:02
| #27 |
| | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh so hier die logs in beschriebener reihenfolge. GMER Logfile: Code:
ATTFilter GMER 1.0.15.15640 - hxxp://www.gmer.net
Rootkit scan 2011-06-22 18:17:43
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1 WDC_WD3200BEVT-75ZCT2 rev.11.01A11
Running: 1j3w4wmh.exe; Driver: C:\Users\Nikel\AppData\Local\Temp\uxloikod.sys
---- Kernel code sections - GMER 1.0.15 ----
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8DE0A000, 0x20BE32, 0xE8000020]
? C:\Windows\system32\Drivers\PROCEXP113.SYS Das System kann die angegebene Datei nicht finden. !
? C:\Users\Nikel\AppData\Local\Temp\catchme.sys Das System kann die angegebene Datei nicht finden. !
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdiplusShutdown] [73E47817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCloneImage] [73E9A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDrawImageRectI] [73E4BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipSetInterpolationMode] [73E3F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdiplusStartup] [73E475E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCreateFromHDC] [73E3E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73E78395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCreateBitmapFromStream] [73E4DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipGetImageHeight] [73E3FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipGetImageWidth] [73E3FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDisposeImage] [73E371CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipLoadImageFromFileICM] [73ECCAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipLoadImageFromFile] [73E6C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDeleteGraphics] [73E3D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipFree] [73E36853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipAlloc] [73E3687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[1720] @ C:\Windows\explorer.exe [gdiplus.dll!GdipSetCompositingMode] [73E42AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BthPort\Parameters\Keys\00225f4b348c
Reg HKLM\SYSTEM\ControlSet003\Services\BthPort\Parameters\Keys\00225f4b348c (not active ControlSet)
---- EOF - GMER 1.0.15 ----
OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 18:25:19 on 22.06.2011 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Firefox 4.0.1 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [AppInit DLLs] -----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )----- "AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "BlackBerry-Smartphone" (RimUsb) - ? - C:\Windows\System32\Drivers\RimUsb.sys (File not found) "catchme" (catchme) - ? - C:\Users\Nikel\AppData\Local\Temp\catchme.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "mbr" (mbr) - ? - C:\cofi\mbr.sys (Hidden registry entry, rootkit activity | File not found) "Power Control [2009/02/02 18:59:26]" ({2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7}) - ? - C:\Program Files\Dell\MediaDirect\000.fcl (File not found) "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys "uxloikod" (uxloikod) - ? - C:\Users\Nikel\AppData\Local\Temp\uxloikod.sys (Hidden registry entry, rootkit activity | File not found) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {9462A756-7B47-47BC-8C80-C34B9B80B32B} "BackWeb GA Pluggable Protocol" - "Logitech Inc." - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} "KbLogiExt Class" - "Logitech, Inc." - C:\Program Files\Logitech\SetPoint\kbcplext.dll {B9B9F083-2B04-452A-8691-83694AC1037B} "LogiExt Class" - "Logitech, Inc." - C:\Program Files\Logitech\SetPoint\mcplext.dll {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\OFFICE11\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll {0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\OFFICE11\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? - (File not found | COM-object registry key not found) {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "@btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm {A93C41D8-01F8-4F8B-B14C-DE20B117E636} "HP Intelligente Auswahl" - "Hewlett-Packard Co." - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll {E763472E-A716-4CD9-89BD-DBDA6122F741} "HP Sammelmappe" - "Hewlett-Packard Co." - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll "PokerStars" - "PokerStars" - C:\Program Files\PokerStars\PokerStarsUpdate.exe {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {CA6319C0-31B7-401E-A518-A07C3DB8F777} "CBrowserHelperObject Object" - "Dell Inc." - C:\Program Files\Dell\BAE\BAE.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll {053F9267-DC04-4294-A72C-58F732D338C0} "HP Print Clips" - "Hewlett-Packard Co." - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "Dell Dock.lnk" - "Stardock Corporation" - C:\Program Files\Dell\DellDock\DellDock.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\Users\Nikel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "Bluetooth.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File exists) "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists) "Logitech Desktop Messenger.lnk" - "Logitech Inc." - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Shortcut exists | File exists) "Logitech SetPoint.lnk" - "Logitech, Inc." - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Shortcut exists | File exists) "QuickSet.lnk" - "Dell Inc." - C:\Program Files\Dell\QuickSet\quickset.exe (Shortcut exists | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized "swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Dell DataSafe Online" - ? - "C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m "Dell Webcam Central" - "Creative Technology Ltd." - "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 "dellsupportcenter" - "SupportSoft, Inc." - "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter "Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup "HP Software Update" - "Hewlett-Packard Co." - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe "Malwarebytes' Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript "NokiaMServer" - "Nokia" - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup "PCMService" - "CyberLink Corp." - "C:\Program Files\Dell\MediaDirect\PCMService.exe" "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll "PCL Language Monitor" - "Hewlett-Packard Company" - C:\Windows\system32\hpz3l5ha.dll "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe "Dock Login Service" (DockLoginService) - "Stardock Corporation" - C:\Program Files\Dell\DellDock\DockLogin.exe "Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe "Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe "Google Update Service (gupdate1c9bdf9c2d92d68)" (gupdate1c9bdf9c2d92d68) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "GoToAssist" (GoToAssist) - "Citrix Online, a division of Citrix Systems, Inc." - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe "HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll "hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll "Logitech Bluetooth Service" (LBTServ) - "Logitech, Inc." - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll "ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe "stllssvr" (stllssvr) - "MicroVision Development, Inc." - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe "SupportSoft Sprocket Service (DellSupportCenter)" (sprtsvc_DellSupportCenter) - "SupportSoft, Inc." - C:\Program Files\Dell Support Center\bin\sprtsvc.exe [Winlogon] -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "GoToAssist" - "Citrix Online, a division of Citrix Systems, Inc." - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows Vista Home Premium Edition Windows Information: Service Pack 2 (build 6002), 32-bit Base Board Manufacturer: Dell Inc. BIOS Manufacturer: Dell Inc. System Manufacturer: Dell Inc. System Product Name: Studio 1537 Logical Drives Mask: 0x0000001c Kernel Drivers (total 153): 0x82210000 \SystemRoot\system32\ntkrnlpa.exe 0x825CA000 \SystemRoot\system32\hal.dll 0x80403000 \SystemRoot\system32\kdcom.dll 0x8040A000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x8047A000 \SystemRoot\system32\PSHED.dll 0x8048B000 \SystemRoot\system32\BOOTVID.dll 0x80493000 \SystemRoot\system32\CLFS.SYS 0x804D4000 \SystemRoot\system32\CI.dll 0x8060C000 \SystemRoot\system32\drivers\Wdf01000.sys 0x8067D000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x8068B000 \SystemRoot\system32\drivers\acpi.sys 0x806D1000 \SystemRoot\system32\drivers\WMILIB.SYS 0x806DA000 \SystemRoot\system32\drivers\msisadrv.sys 0x806E2000 \SystemRoot\system32\drivers\pci.sys 0x80709000 \SystemRoot\System32\drivers\partmgr.sys 0x80718000 \SystemRoot\system32\DRIVERS\compbatt.sys 0x8071B000 \SystemRoot\system32\DRIVERS\BATTC.SYS 0x80725000 \SystemRoot\system32\drivers\volmgr.sys 0x80734000 \SystemRoot\System32\drivers\volmgrx.sys 0x8077E000 \SystemRoot\System32\drivers\mountmgr.sys 0x8078E000 \SystemRoot\system32\drivers\atapi.sys 0x80796000 \SystemRoot\system32\drivers\ataport.SYS 0x807B4000 \SystemRoot\system32\drivers\msahci.sys 0x807BE000 \SystemRoot\system32\drivers\PCIIDEX.SYS 0x807CC000 \SystemRoot\system32\drivers\fltmgr.sys 0x805B4000 \SystemRoot\system32\drivers\fileinfo.sys 0x80600000 \SystemRoot\System32\Drivers\PxHelp20.sys 0x8A008000 \SystemRoot\System32\Drivers\ksecdd.sys 0x8A079000 \SystemRoot\system32\drivers\ndis.sys 0x8A184000 \SystemRoot\system32\drivers\msrpc.sys 0x8A1AF000 \SystemRoot\system32\drivers\NETIO.SYS 0x8A209000 \SystemRoot\System32\drivers\tcpip.sys 0x8A2F3000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x8A40E000 \SystemRoot\System32\Drivers\Ntfs.sys 0x8A51E000 \SystemRoot\system32\drivers\volsnap.sys 0x8A557000 \SystemRoot\System32\Drivers\spldr.sys 0x8A55F000 \SystemRoot\System32\Drivers\mup.sys 0x8A56E000 \SystemRoot\System32\drivers\ecache.sys 0x8A595000 \SystemRoot\system32\drivers\disk.sys 0x8A5A6000 \SystemRoot\system32\drivers\CLASSPNP.SYS 0x8A5C7000 \SystemRoot\system32\drivers\crcdisk.sys 0x8A5F2000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x8A400000 \SystemRoot\system32\DRIVERS\tunmp.sys 0x8DE09000 \SystemRoot\system32\DRIVERS\atikmdag.sys 0x8A30E000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x8E3A0000 \SystemRoot\System32\drivers\watchdog.sys 0x8E60E000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x8E69B000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0x8E6A6000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x8E6E4000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x8E80D000 \SystemRoot\system32\DRIVERS\NETw5v32.sys 0x8EB95000 \SystemRoot\system32\DRIVERS\k57nd60x.sys 0x8EBCA000 \SystemRoot\system32\DRIVERS\ohci1394.sys 0x8EBDA000 \SystemRoot\system32\DRIVERS\1394BUS.SYS 0x8E6F3000 \SystemRoot\system32\DRIVERS\sdbus.sys 0x8EBE8000 \SystemRoot\system32\DRIVERS\rimmptsk.sys 0x8E70D000 \SystemRoot\system32\DRIVERS\rimsptsk.sys 0x8E721000 \SystemRoot\system32\DRIVERS\rixdptsk.sys 0x8E773000 \SystemRoot\system32\DRIVERS\itecir.sys 0x8E7CB000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x8E800000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x8E3AC000 \SystemRoot\system32\DRIVERS\Apfiltr.sys 0x8E7DE000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x8E3D9000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x8E7E9000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x8E600000 \SystemRoot\system32\DRIVERS\wmiacpi.sys 0x8EBF9000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0x8A3AE000 \SystemRoot\system32\DRIVERS\msiscsi.sys 0x8EE03000 \SystemRoot\system32\DRIVERS\storport.sys 0x8EE44000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x8EE4F000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x8EE66000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x8EE71000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x8EE94000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x8EEA3000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x8EEB7000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x8EECC000 \SystemRoot\system32\DRIVERS\termdd.sys 0x8EEDC000 \SystemRoot\system32\DRIVERS\swenum.sys 0x8EEDE000 \SystemRoot\system32\DRIVERS\ks.sys 0x8EF08000 \SystemRoot\system32\DRIVERS\circlass.sys 0x8EF16000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x8EF20000 \SystemRoot\system32\DRIVERS\umbus.sys 0x8EF2D000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x8EF62000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x8EF73000 \SystemRoot\system32\drivers\HdAudio.sys 0x8EFB2000 \SystemRoot\system32\drivers\portcls.sys 0x805C4000 \SystemRoot\system32\drivers\drmk.sys 0x8F202000 \SystemRoot\system32\DRIVERS\stwrt.sys 0x8F263000 \SystemRoot\system32\DRIVERS\hidir.sys 0x8F26E000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS 0x8F27E000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0x8F285000 \SystemRoot\system32\DRIVERS\kbdhid.sys 0x8F28E000 \SystemRoot\system32\DRIVERS\mouhid.sys 0x8F296000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0x8F29F000 \SystemRoot\System32\Drivers\Null.SYS 0x8F2A6000 \SystemRoot\System32\Drivers\Beep.SYS 0x8F2AD000 \SystemRoot\System32\drivers\vga.sys 0x8F2B9000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x8F2DA000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x8F2E2000 \SystemRoot\system32\drivers\rdpencdd.sys 0x8F2EA000 \SystemRoot\System32\Drivers\Msfs.SYS 0x8F2F5000 \SystemRoot\System32\Drivers\Npfs.SYS 0x8F303000 \SystemRoot\System32\DRIVERS\rasacd.sys 0x8F30C000 \SystemRoot\system32\DRIVERS\tdx.sys 0x8F322000 \SystemRoot\system32\DRIVERS\smb.sys 0x8F336000 \SystemRoot\system32\drivers\afd.sys 0x8F37E000 \SystemRoot\System32\DRIVERS\netbt.sys 0x8F3B0000 \SystemRoot\system32\DRIVERS\pacer.sys 0x8F3C6000 \SystemRoot\system32\DRIVERS\netbios.sys 0x8F3D4000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x8F405000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x8F441000 \SystemRoot\system32\drivers\nsiproxy.sys 0x8F44B000 \SystemRoot\System32\Drivers\dfsc.sys 0x8F462000 \SystemRoot\System32\Drivers\crashdmp.sys 0x8F46F000 \SystemRoot\System32\Drivers\dump_dumpata.sys 0x8F47A000 \SystemRoot\System32\Drivers\dump_msahci.sys 0x8F499000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x8F49B000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0x97260000 \SystemRoot\System32\win32k.sys 0x8F4B2000 \SystemRoot\System32\drivers\Dxapi.sys 0x8F4BC000 \SystemRoot\system32\DRIVERS\OA001Vid.sys 0x8F501000 \SystemRoot\system32\DRIVERS\OA001Ufd.sys 0x8F522000 \SystemRoot\system32\DRIVERS\hidusb.sys 0x8F52B000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys 0x8F532000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys 0x8F53A000 \SystemRoot\system32\DRIVERS\monitor.sys 0x97480000 \SystemRoot\System32\TSDDD.dll 0x974A0000 \SystemRoot\System32\cdd.dll 0x8F549000 \SystemRoot\system32\drivers\luafv.sys 0x81804000 \SystemRoot\system32\drivers\spsys.sys 0x818B4000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x818C4000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x818EE000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x818F8000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x8190B000 \SystemRoot\system32\drivers\HTTP.sys 0x81978000 \SystemRoot\System32\Drivers\fastfat.SYS 0x819A0000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x819BD000 \SystemRoot\system32\DRIVERS\bowser.sys 0x819D6000 \SystemRoot\System32\drivers\mpsdrv.sys 0x8F564000 \SystemRoot\system32\drivers\mrxdav.sys 0x8F585000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x8F5A4000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x8F5DD000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x9B407000 \SystemRoot\System32\DRIVERS\srv2.sys 0x9B42F000 \SystemRoot\System32\DRIVERS\srv.sys 0x9B496000 \SystemRoot\system32\drivers\peauth.sys 0x9B574000 \SystemRoot\System32\Drivers\secdrv.SYS 0x9B57E000 \SystemRoot\System32\drivers\tcpipreg.sys 0x9B5B1000 \SystemRoot\system32\DRIVERS\cdfs.sys 0x9B5DC000 \??\C:\Windows\system32\Drivers\PROCEXP113.SYS 0x9B5DE000 \??\C:\Users\Nikel\AppData\Local\Temp\catchme.sys 0x9B5E6000 \??\C:\Users\Nikel\AppData\Local\Temp\uxloikod.sys 0x77570000 \Windows\System32\ntdll.dll Processes (total 78): 0 System Idle Process 4 System 412 C:\Windows\System32\smss.exe 544 csrss.exe 604 C:\Windows\System32\wininit.exe 616 csrss.exe 652 C:\Windows\System32\services.exe 688 C:\Windows\System32\lsass.exe 696 C:\Windows\System32\lsm.exe 768 C:\Windows\System32\winlogon.exe 884 C:\Windows\System32\svchost.exe 948 C:\Windows\System32\svchost.exe 1056 C:\Windows\System32\Ati2evxx.exe 1076 C:\Windows\System32\svchost.exe 1104 C:\Windows\System32\svchost.exe 1120 C:\Windows\System32\svchost.exe 1172 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\stacsv.exe 1232 C:\Windows\System32\audiodg.exe 1300 C:\Windows\System32\svchost.exe 1320 C:\Windows\System32\SLsvc.exe 1368 C:\Windows\System32\svchost.exe 1500 C:\Program Files\Dell\DellDock\DockLogin.exe 1596 C:\Windows\System32\svchost.exe 1744 C:\Windows\System32\Ati2evxx.exe 1856 C:\Windows\System32\spoolsv.exe 1888 C:\Windows\System32\svchost.exe 320 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\AEstSrv.exe 344 C:\Windows\System32\svchost.exe 432 C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe 548 C:\Windows\System32\svchost.exe 708 C:\Windows\System32\svchost.exe 692 C:\Windows\System32\svchost.exe 1032 C:\Windows\System32\svchost.exe 2020 C:\Windows\System32\svchost.exe 872 C:\Windows\System32\svchost.exe 2104 C:\Windows\System32\SearchIndexer.exe 2628 C:\Windows\System32\taskeng.exe 3176 C:\Windows\System32\svchost.exe 3332 C:\Program Files\Dell Support Center\bin\sprtsvc.exe 4016 C:\Windows\System32\dwm.exe 1036 C:\Windows\System32\taskeng.exe 2348 C:\Program Files\Dell\DellDock\DellDock.exe 920 C:\Program Files\DellTPad\Apoint.exe 2692 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 2764 C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe 1156 C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe 2768 C:\Program Files\Dell\MediaDirect\PCMService.exe 2824 C:\Program Files\Dell Support Center\bin\sprtcmd.exe 2184 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe 2760 C:\Program Files\IDT\WDM\sttray.exe 2780 C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe 2700 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 2716 C:\Program Files\Common Files\Java\Java Update\jusched.exe 2204 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2708 C:\Windows\ehome\ehtray.exe 1216 C:\Program Files\Windows Media Player\wmpnscfg.exe 1044 C:\Program Files\Skype\Phone\Skype.exe 2096 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe 2840 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 2880 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe 2868 C:\Program Files\Logitech\SetPoint\SetPoint.exe 2888 C:\Program Files\Dell\QuickSet\quickset.exe 2900 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 1276 C:\Windows\ehome\ehmsas.exe 3068 C:\Program Files\Windows Media Player\wmpnetwk.exe 4076 WmiPrvSE.exe 1492 C:\Program Files\DellTPad\ApMsgFwd.exe 3736 C:\Program Files\DellTPad\hidfind.exe 3952 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 2932 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe 2688 C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe 4668 C:\Program Files\Skype\Plugin Manager\skypePM.exe 4280 C:\Windows\System32\conime.exe 1720 C:\Windows\explorer.exe 3636 C:\Windows\System32\SearchProtocolHost.exe 5004 C:\Program Files\Mozilla Firefox\firefox.exe 4064 C:\Windows\System32\SearchFilterHost.exe 4396 C:\Users\Nikel\Desktop\MBRCheck.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`88e00000 (NTFS) \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`08e00000 (NTFS) PhysicalDrive0 Model Number: WDCWD3200BEVT-75ZCT2, Rev: 11.01A11 Size Device Name MBR Status -------------------------------------------- 298 GB \\.\PhysicalDrive0 Windows Vista MBR code detected SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979 Done! |
|
22.06.2011, 18:52
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.06.2011, 09:25
| #29 |
| | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh moinsen, hier der MBAM log: Malwarebytes' Anti-Malware 1.51.0.1200 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: 6923 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.19048 23.06.2011 10:19:37 mbam-log-2011-06-23 (10-19-37).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Durchsuchte Objekte: 332577 Laufzeit: 1 Stunde(n), 4 Minute(n), 16 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) SAS log folgt asap gruß niko |
|
23.06.2011, 14:14
| #30 |
| | Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh sas hat etwas gefunden, siehe log. Entsprechende Datei befindet sich in Quarantäne. Schiebe den ESET scan auf bis ich weiss, wie ich verfahren soll. Beste Grüße SUPERAntiSpyware Scan Log SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware! Generated 06/23/2011 at 01:09 PM Application Version : 4.54.1000 Core Rules Database Version : 7313 Trace Rules Database Version: 5125 Scan type : Complete Scan Total Scan Time : 02:35:00 Memory items scanned : 847 Memory threats detected : 0 Registry items scanned : 9563 Registry threats detected : 0 File items scanned : 179518 File threats detected : 1 Trojan.Agent/Gen-FakeAV C:\PROGRAM FILES\WINRAR\DEFAULT.SFX |
|
| Themen zu Festplatte beschädigt. Private Daten sind in Gefahr //Catalyst Control Center funktioniert nicht meh |
| bildschirm, center, control, driver, fehler, festplatte, festplatten, folge, funktioniert, funktioniert nicht, gefahr, hard disk, malware, meldungen, platte, programme, retten, schwarzer bildschirm, system neu, trojan.agent, trojan.fakealert, trojan.fakealert.gen, vista, wichtige daten |
Linear-Darstellung
