Ich kenn das Tool nicht. Was sagt aswMBR? unknown oder wie stuft es den ein?

Zitat:

Zitat von cosinus

Ich kenn das Tool nicht. Was sagt aswMBR? unknown oder wie stuft es den ein?

Danke für deine Antwort, Cosinus.

Ja, als "unknown":

Zitat:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-30 22:19:31
-----------------------------
22:19:31.308 OS Version: Windows 6.1.7601 Service Pack 1
22:19:31.308 Number of processors: 2 586 0x1C0A
22:19:31.313 ComputerName: ### UserName: ###
22:19:34.435 Initialize success
22:19:35.486 AVAST engine defs: 12033000
22:19:37.463 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:19:37.472 Disk 0 Vendor: SAMSUNG_ HH10 Size: 152627MB BusType: 3
22:19:37.502 Disk 0 MBR read successfully
22:19:37.509 Disk 0 MBR scan
22:19:37.520 Disk 0 unknown MBR code
22:19:37.535 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
22:19:37.564 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
22:19:37.600 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 68581 MB offset 31664128
22:19:37.642 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 68584 MB offset 172118016
22:19:37.660 Disk 0 scanning sectors +312578048
22:19:37.758 Disk 0 scanning C:\windows\system32\drivers
22:19:57.075 Service scanning
22:20:15.897 Service pxkbf C:\windows\System32\drivers\pxkbf.sys **LOCKED** 32
22:20:15.972 Service pxscan C:\windows\System32\drivers\pxscan.sys **LOCKED** 32
22:20:28.047 Modules scanning
22:20:45.885 Disk 0 trace - called modules:
22:20:45.917 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
22:20:45.921 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84e736f0]
22:20:45.924 3 CLASSPNP.SYS[86d7059e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84410038]
22:20:46.400 AVAST engine scan C:\windows
22:20:49.827 AVAST engine scan C:\windows\system32
22:24:42.393 AVAST engine scan C:\windows\system32\drivers
22:24:59.686 AVAST engine scan C:\Users\###
22:25:56.234 Disk 0 MBR has been saved successfully to "C:\Users\###\Desktop\MBR.dat"
22:25:56.279 The log file has been saved successfully to "C:\Users\###\Desktop\aswMBR.txt"

NoVirusThanks Antirootkit meldet:

Zitat:

==========================================================================================================================
NoVirusThanks Anti-Rootkit v1.2 (FREE EDITION)
Microsoft Windows Version 6.1 Build: 7601 Service Pack: 1
Detected CPUs: (2)
Scanning Commenced... 3/30/2012 10:30:51 PM
==========================================================================================================================
>>>Master Boot Record (MBR)<<<
==========================================================================================================================

Warning: Master Boot Record (MBR) appears to be modified and could be the result of an infection!

==========================================================================================================================
Scan Complete... 3/30/2012 10:30:51 PM
==========================================================================================================================

Sonst melden keine anderen Tools eine Bootkit Infektion. Ein Upload des dump datei an Avira hat bisher noch keine Rückmeldung ergeben. Sie analysieren noch.