
Pests of all kinds and how to fight them: BOO/TDss.M detected in master boot sector/HD0


 
24.07.2011, 22:51   #16
Ifron
 



Hey M-K-D-B,

here are the logs:

OTL-Fix:

Code:
All processes killed
========== OTL ==========
Service wpsdrvnt stopped successfully!
Service wpsdrvnt deleted successfully!
C:\Windows\SysWOW64\drivers\wpsdrvnt.sys moved successfully.
Service Teefer stopped successfully!
Service Teefer deleted successfully!
C:\Windows\SysWOW64\drivers\Teefer.sys moved successfully.
Service wg3n stopped successfully!
Service wg3n deleted successfully!
C:\Windows\SysWOW64\drivers\wg3n.sys moved successfully.
Prefs.js: "Game Master 1.1 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2856449&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Game Master 1.1 Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2 removed from extensions.enabledItems
Prefs.js: engine@conduit.com:3.3.3.2 removed from extensions.enabledItems
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\lib folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\mozilla\Firefox\Profiles\bl3lem6s.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Ann-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\bl3lem6s.default\searchplugins\conduit.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\Users\Ann-Marie\AppData\Local\{DDEF54B3-0B02-43E0-8134-DED37598DC14} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{13D1B040-B56B-4B67-85D6-628BB3E80A81} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{B342C8B4-5EF9-49E3-96CB-D70678747FDC} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{CED6590A-550C-4BDC-9FDE-7DA5AA16B566} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{D4F34911-DDD3-4080-9362-5E7E43772570} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{58A7FFB2-7A6C-4829-BAD3-5D3C141FF498} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{4A750548-BFCB-44A1-8FA9-A65945050B6A} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{37E444B9-328A-4DC7-9DA5-CDF548036B97} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{D50495AE-374D-4F2D-8676-A065A5A9484B} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{ADE4BA66-CC25-4458-B292-E9DC94190A98} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{D7C3F2DC-645F-44B2-B09C-3EA6F0507701} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{D1AA260A-2E89-4507-9F7C-F60413894039} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{727D3D80-261F-4BE2-A867-005CAD2F0EA2} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{BA5EEFC1-A869-4382-AA98-ECFB5523B547} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{50EA10F7-56BE-4F01-A195-BA4EDA0C250F} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{827F7D1F-E9FE-43CE-AEC3-83D8BD8D3DE6} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{786278F3-F4AF-4FDD-A10D-0062C2E14F8D} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{04927D79-B2DA-4304-A0C9-ED1C882A35F8} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{73F861E5-C43E-4944-9F8C-188DA170386E} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{85CF987B-1571-441D-8F1B-1A42A54FA8A9} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{E9298AAD-92BE-4761-BF74-191828F5BAA9} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{09702910-F054-4AC9-AEF5-F435F98B2876} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{38556073-EB8D-424F-8EB0-43E34B3C408B} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{FD8A7B68-4071-466D-B3AD-3D67D91335E4} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{622A6E00-B664-4645-80C9-CDC86D1110D8} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{3C7A15F0-3BDB-455D-9508-BD67422CE3F1} folder moved successfully.
C:\Users\Ann-Marie\AppData\Local\{5FDC8781-A78A-40F8-BB69-16F919BDCA10} folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
 
User: All Users
 
User: Ann-Marie
->Temp folder emptied: 295532 bytes
->Temporary Internet Files folder emptied: 75713036 bytes
->Java cache emptied: 128656 bytes
->FireFox cache emptied: 85799664 bytes
->Flash cache emptied: 41180 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65907 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67899 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 155,00 mb
 
 
OTL by OldTimer - Version 3.2.26.1 log created on 07242011_160412

Files\Folders moved on Reboot...
C:\Users\Ann-Marie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...
         
Eset:

Code:
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=f71a85fb83c7104ea45255f1509e68d4
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-07-24 07:44:26
# local_time=2011-07-24 09:44:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=1797 16775165 100 94 342682 48064090 212315 0
# compatibility_mode=5893 16776573 100 94 15906869 63162077 0 0
# compatibility_mode=8192 67108863 100 0 14921 14921 0 0
# scanned=165651
# found=0
# cleaned=0
# scan_time=4440
         
Security check:

Code:
 Results of screen317's Security Check version 0.99.17  
 Windows 7   
 Internet Explorer 8  
`````````````````````````````` 
Antivirus/Firewall Check: 
 Avira AntiVir Personal - Free Antivirus 
 ESET Online Scanner v3   
 Sygate Personal Firewall Platinum   
 WMI entry may not exist for antivirus; attempting automatic update. 
``````````````````````````````` 
Anti-malware/Other Utilities Check: 
 Malwarebytes' Anti-Malware    
Flash Player Out of Date! 
 Adobe Flash Player 	10.2.152.26  
 Adobe Reader X (10.1.0) 
 Mozilla Firefox (3.6.13) Firefox Out of Date!  
```````````````````````````````` 
Process Check:  
objlist.exe by Laurent 
 Malwarebytes' Anti-Malware mbamservice.exe  
 Malwarebytes' Anti-Malware mbamgui.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
``````````End of Log````````````
         

 
