Plagegeister aller Art und deren Bekämpfung: After Security Tool, web pages and Java open on their own (Windows 7)
| | #1 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | I'm not entirely convinced by the cleanup here. These "patches" often install really nasty things afterwards. You probably won't get around format c:, and you also must not run this dubious junk any more if you want a clean machine. But we can keep trying. Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool won't run on the second attempt either, just leave it out and run only OSAM. Afterwards, download the bootkit_remover. Unpack the tool into its own folder on the desktop and run the file remove.exe in that folder. If you use Windows Vista or Windows 7, you have to run remover.exe via right-click => Run as administrator. A black window will open and automatically search for malicious changes in the MBR. Then please post whether there are changes and, if so, in which device. Ideally, post everything that remover.exe outputs.
__________________ Please always post log files in CODE tags |
| | #2 |
| Sorry, I didn't get a chance to run the scans yesterday. The Bootkit Remover gives an error message, so unfortunately I couldn't run it (see attached image). GMER log: Code:
GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-10-02 23:17:14
Windows 6.1.7600
Running: 44pfno5x.exe; Driver: C:\Users\Tim\AppData\Local\Temp\pwloikow.sys
---- System - GMER 1.0.15 ----
INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E2EAF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E2E104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E2E3F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E16634
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E16898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E2E1DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E2E958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E2E6F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E2EF2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E2F1A8
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82E8E599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82EB2F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x91A0C000, 0x2D50D6, 0xE8000020]
.text peauth.sys AB02EC9D 28 Bytes [CF, 9B, DF, B7, 2E, 5E, 52, ...]
.text peauth.sys AB02ECC1 28 Bytes [CF, 9B, DF, B7, 2E, 5E, 52, ...]
? C:\Users\Tim\AppData\Local\Temp\catchme.sys The system cannot find the file specified. !
? C:\Windows\system32\Drivers\PROCEXP113.SYS The system cannot find the file specified. !
? C:\Users\Tim\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipAlloc] [73EF2494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdiplusStartup] [73ED5624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdiplusShutdown] [73ED56E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipFree] [73EF250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDeleteGraphics] [73EE8573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDisposeImage] [73EE4D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipGetImageWidth] [73EE50CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipGetImageHeight] [73EE51A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73EE66D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCreateFromHDC] [73EE82CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipSetCompositingMode] [73EE8819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipSetInterpolationMode] [73EE907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDrawImageRectI] [73EEE21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3124] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCloneImage] [73EE4C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000053 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd507b97
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0009dd507b97@0022a5cc6205 0xA0 0x13 0x30 0xB2 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x5B 0x81 0x3A 0x4B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xFC 0xE7 0x18 0x40 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x80 0x28 0x24 0x30 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd507b97 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0009dd507b97@0022a5cc6205 0xA0 0x13 0x30 0xB2 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x5B 0x81 0x3A 0x4B ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xFC 0xE7 0x18 0x40 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x80 0x28 0x24 0x30 ...
---- EOF - GMER 1.0.15 ----
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 23:33:09 on 02.10.2010

OS: Windows 7 (Build 7600), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.3

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"PSUNCpl.cpl" - "Panda Security, S.L." - C:\Windows\system32\PSUNCpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"HP 3D DriveGuard" - "Hewlett-Packard" - C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\hpaccelerometercp.CPL
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\MLCFG32.CPL
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"PSUNCPL" - ? - C:\Windows\syst (File not found)
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Amd Disk Lower Filter Driver" (Amddfltr) - "Advanced Micro Devices" - C:\Windows\System32\DRIVERS\Amddfltr.sys
"catchme" (catchme) - ? - C:\Users\Tim\AppData\Local\Temp\catchme.sys (File not found)
"EagleNT" (EagleNT) - ? - C:\Windows\system32\drivers\EagleNT.sys (File not found)
"PSINAflt" (PSINAflt) - "Panda Security, S.L." - C:\Windows\System32\DRIVERS\PSINAflt.sys
"PSINFile" (PSINFile) - "Panda Security, S.L." - C:\Windows\System32\DRIVERS\PSINFile.sys
"PSINKNC" (PSINKNC) - "Panda Security, S.L." - C:\Windows\System32\DRIVERS\psinknc.sys
"PSINProc" (PSINProc) - "Panda Security, S.L." - C:\Windows\System32\DRIVERS\PSINProc.sys
"PSINProt" (PSINProt) - "Panda Security, S.L." - C:\Windows\System32\DRIVERS\PSINProt.sys
"TfFsMon" (TfFsMon) - ? - C:\Windows\System32\drivers\TfFsMon.sys (File not found)
"TfNetMon" (TfNetMon) - ? - C:\Windows\system32\drivers\TfNetMon.sys (File not found)
"TfSysMon" (TfSysMon) - ? - C:\Windows\System32\drivers\TfSysMon.sys (File not found)

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{83EC570E-9FFA-11D2-9559-006008594011} "HTSProtHandler.CHtapHandler" - "PtahSoft GmbH, ZTD Freiburg" - C:\Program Files\Hogrefe\Common\HTSProtHandler.dll
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? - (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{872A9397-E0D6-4e28-B64D-52B8D0A7EA35} "DisplayCplExt Class" - "Advanced Micro Devices, Inc." - c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll
{D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
{83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
{C080DC3F-9095-4E4B-95E6-D67D077130E8} "IconsHandlerNano Class" - "Panda Security, S.L." - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} "KbLogiExt Class" - "Logitech, Inc." - C:\Program Files\Logitech\SetPoint\kbcplext.dll
{B9B9F083-2B04-452A-8691-83694AC1037B} "LogiExt Class" - "Logitech, Inc." - C:\Program Files\Logitech\SetPoint\mcplext.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\OLKFSTUB.DLL
{80AEF606-7FFA-4EF6-86C4-0B86FEF4E0CD} "ShellExt Class" - "Panda Security, S.L." - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_19" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} "Java Plug-in 1.6.0_19" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_19" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_19.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
{7530BFB8-7293-4D34-9923-61A11451AFC5} "OnlineScanner Control" - "Eset" - C:\PROGRA~1\ESET\ESETON~1\ONLINE~1.OCX / hxxp://download.eset.com/special/eos/OnlineScanner.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "@C:\Windows\WindowsMobile\INetRepl.dll,-222" - "Microsoft Corporation" - C:\Windows\WindowsMobile\INetRepl.dll
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "ClsidExtension" - "Microsoft Corporation" - C:\Windows\WindowsMobile\INetRepl.dll
"ICQ7" - "ICQ, Inc." - C:\Program Files\ICQ7.0\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} "Panda Security Toolbar" - ? - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} "Panda Security Toolbar" - ? - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Logitech SetPoint.lnk" - "Logitech, Inc." - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"TomTomHOME.exe" - "TomTom" - "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"FreePDF Assistant" - "shbox.de" - C:\Program Files\FreePDF_XP\fpassist.exe
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"PSUNMain" - "Panda Security, S.L." - "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
"QlbCtrl.exe" - " Hewlett-Packard Development Company, L.P." - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"StartCCC" - "Advanced Micro Devices, Inc." - "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"YouCam Mirage" - "CyberLink" - "C:\Program Files\CyberLink\YouCam\YCMMirage.exe"
"YouCam Tray" - "CyberLink Corp." - "C:\Program Files\CyberLink\YouCam\YouCam.exe" /s

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll
"Redirected Port" - ? - C:\Windows\system32\redmonnt.dll (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Com4QLBEx" (Com4QLBEx) - "Hewlett-Packard Development Company, L.P." - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
"Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"hpqwmiex" (hpqwmiex) - "Hewlett-Packard Development Company, L.P." - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
"Logitech Bluetooth Service" (LBTServ) - "Logitech, Inc." - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"NBService" (NBService) - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Panda Cloud Antivirus Service" (NanoServiceMain) - "Panda Security, S.L." - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
"PLFlash DeviceIoControl Service" (PLFlash DeviceIoControl Service) - "Prolific Technology Inc." - C:\Windows\system32\IoctlSvc.exe
"SBSD Security Center Service" (SBSDWSCService) - "Safer Networking Ltd." - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
"TomTomHOMEService" (TomTomHOMEService) - "TomTom" - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"LBTWlgn" - "Logitech, Inc." - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
| | #3 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Please download MBRCheck (by a_d_13) and save the file on the desktop.
__________________ |
| | #4 |
| MBR Check: Code:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Professional
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Quanta
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv5 Notebook PC
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 210):
0x82E17000 \SystemRoot\system32\ntkrnlpa.exe
0x83227000 \SystemRoot\system32\halmacpi.dll
0x80BAB000 \SystemRoot\system32\kdcom.dll
0x8B00B000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
0x8B016000 \SystemRoot\system32\PSHED.dll
0x8B027000 \SystemRoot\system32\BOOTVID.dll
0x8B02F000 \SystemRoot\system32\CLFS.SYS
0x8B071000 \SystemRoot\system32\CI.dll
0x8B11C000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8B18D000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8B19B000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x8B1E3000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x8B1EC000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x8B1F4000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x8B23F000 \SystemRoot\system32\DRIVERS\pci.sys
0x8B269000 \SystemRoot\System32\drivers\partmgr.sys
0x8B27A000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8B282000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8B28D000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x8B29D000 \SystemRoot\System32\drivers\volmgrx.sys
0x8B2E8000 \SystemRoot\system32\DRIVERS\pciide.sys
0x8B2EF000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x8B2FD000 \SystemRoot\System32\drivers\mountmgr.sys
0x8B313000 \SystemRoot\system32\DRIVERS\atapi.sys
0x8B31C000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x8B33F000 \SystemRoot\system32\DRIVERS\msahci.sys
0x8B349000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x8B352000 \SystemRoot\system32\drivers\fltmgr.sys
0x8B386000 \SystemRoot\system32\drivers\fileinfo.sys
0x8B41C000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8B54B000 \SystemRoot\System32\Drivers\msrpc.sys
0x8B576000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8B589000 \SystemRoot\System32\Drivers\cng.sys
0x8B5E6000 \SystemRoot\System32\drivers\pcw.sys
0x8B5F4000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x8B62F000 \SystemRoot\system32\drivers\ndis.sys
0x8B6E6000 \SystemRoot\system32\drivers\NETIO.SYS
0x8B724000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x8B839000 \SystemRoot\System32\drivers\tcpip.sys
0x8B982000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8B9B3000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
0x8B9BC000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x8B800000 \SystemRoot\System32\Drivers\spldr.sys
0x8B808000 \SystemRoot\System32\drivers\rdyboost.sys
0x8B749000 \SystemRoot\System32\Drivers\mup.sys
0x8B759000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8B761000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
0x8B76A000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8B79C000 \SystemRoot\system32\DRIVERS\disk.sys
0x8B7AD000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x8B7D2000 \SystemRoot\system32\DRIVERS\AtiPcie.sys
0x8B7DA000 \SystemRoot\system32\DRIVERS\Amddfltr.sys
0x8B397000 \SystemRoot\system32\DRIVERS\ahcix86s.sys
0x8BA06000 \SystemRoot\system32\DRIVERS\storport.sys
0x8BAB5000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8BAD4000 \SystemRoot\System32\Drivers\Null.SYS
0x8BADB000 \SystemRoot\System32\Drivers\Beep.SYS
0x8BAE2000 \SystemRoot\System32\drivers\vga.sys
0x8BAEE000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8BB0F000 \SystemRoot\System32\drivers\watchdog.sys
0x8BB1C000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8BB24000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8BB2C000 \SystemRoot\system32\drivers\rdprefmp.sys
0x8BB34000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8BB3F000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8BB4D000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8BB64000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8BB6F000 \SystemRoot\system32\drivers\afd.sys
0x8BBC9000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8B7E2000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x8B600000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8B7E9000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x8B61F000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8B400000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8B3D7000 \SystemRoot\system32\DRIVERS\termdd.sys
0x9080B000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x9084C000 \SystemRoot\system32\DRIVERS\psinknc.sys
0x9086E000 \SystemRoot\system32\drivers\nsiproxy.sys
0x90878000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x90882000 \SystemRoot\System32\drivers\discache.sys
0x9088E000 \SystemRoot\system32\drivers\csc.sys
0x908F2000 \SystemRoot\System32\Drivers\dfsc.sys
0x9090A000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x90918000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x90939000 \SystemRoot\system32\DRIVERS\amdppm.sys
0x91A2C000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x91F41000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x9094A000 \SystemRoot\System32\drivers\dxgmms1.sys
0x91A00000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x9156B000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
0x91591000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x91597000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x915A1000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x915EC000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x90983000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x91A1F000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
0x9099B000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x909A8000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x915FB000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x909D8000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x909E5000 \SystemRoot\system32\DRIVERS\enecir.sys
0x90800000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
0x91400000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8B413000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8B3E7000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x91FF8000 \SystemRoot\system32\DRIVERS\clwvd.sys
0x8B200000 \SystemRoot\system32\DRIVERS\ks.sys
0x92A21000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x92A33000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x92A4B000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x92A56000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x92A78000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x92A90000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x92AA7000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x92ABE000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x92AC8000 \SystemRoot\system32\DRIVERS\swenum.sys
0x92ACA000 \SystemRoot\system32\DRIVERS\circlass.sys
0x92AD8000 \SystemRoot\system32\DRIVERS\umbus.sys
0x92AE6000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x92B2A000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x92B3B000 \SystemRoot\system32\drivers\AtiHdmi.sys
0x92B57000 \SystemRoot\system32\drivers\portcls.sys
0x92B86000 \SystemRoot\system32\drivers\drmk.sys
0x97E24000 \SystemRoot\system32\DRIVERS\stwrt.sys
0x97E8C000 \SystemRoot\system32\DRIVERS\hidir.sys
0x97E9B000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x97EAE000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x97EB5000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x97EC1000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x985B0000 \SystemRoot\System32\win32k.sys
0x97ECC000 \SystemRoot\System32\drivers\Dxapi.sys
0x97EEC000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x97F03000 \SystemRoot\System32\Drivers\usbvideo.sys
0x98410000 \SystemRoot\System32\TSDDD.dll
0x98440000 \SystemRoot\System32\cdd.dll
0x97F32000 \SystemRoot\system32\drivers\luafv.sys
0x97F4D000 \SystemRoot\system32\DRIVERS\PSINAflt.sys
0x97F74000 \SystemRoot\system32\DRIVERS\PSINProt.sys
0x97F92000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x97FA8000 \SystemRoot\System32\Drivers\crashdmp.sys
0x97FB5000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x97FBF000 \SystemRoot\System32\Drivers\dump_ahcix86s.sys
0x97E00000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x92B9F000 \SystemRoot\system32\DRIVERS\PSINFile.sys
0x92BBB000 \SystemRoot\system32\DRIVERS\PSINProc.sys
0x92BD9000 \SystemRoot\system32\drivers\WudfPf.sys
0x97E11000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x8BA4D000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x92A00000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x8BA93000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA9A3A000 \SystemRoot\system32\drivers\HTTP.sys
0xA9AC8000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA9AE1000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA9AF3000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA9B16000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA9B51000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xAA408000 \SystemRoot\system32\drivers\peauth.sys
0xAA49F000 \SystemRoot\System32\Drivers\secdrv.SYS
0xAA4A9000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xAA4CA000 \SystemRoot\System32\drivers\tcpipreg.sys
0xAA4D7000 \SystemRoot\System32\DRIVERS\srv2.sys
0xAA526000 \SystemRoot\System32\DRIVERS\srv.sys
0xAA598000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x91404000 \SystemRoot\system32\DRIVERS\athr.sys
0xAA5A1000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0xAA5AB000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0xAA5CA000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
0xAA5B4000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xAA5BF000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0xAA5EF000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0xAA577000 \SystemRoot\system32\DRIVERS\monitor.sys
0x772D0000 \Windows\System32\ntdll.dll
|
| | #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Websites and Java opening on their own after Security Tool
The log is incomplete.
__________________ Please always post log files in CODE tags |
| | #6 |
| Right, sorry! Code:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Professional
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Quanta
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv5 Notebook PC
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 212):
0x82E17000 \SystemRoot\system32\ntkrnlpa.exe
0x83227000 \SystemRoot\system32\halmacpi.dll
0x80BAB000 \SystemRoot\system32\kdcom.dll
0x8B00B000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
0x8B016000 \SystemRoot\system32\PSHED.dll
0x8B027000 \SystemRoot\system32\BOOTVID.dll
0x8B02F000 \SystemRoot\system32\CLFS.SYS
0x8B071000 \SystemRoot\system32\CI.dll
0x8B11C000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8B18D000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8B19B000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x8B1E3000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x8B1EC000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x8B1F4000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x8B23F000 \SystemRoot\system32\DRIVERS\pci.sys
0x8B269000 \SystemRoot\System32\drivers\partmgr.sys
0x8B27A000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x8B282000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x8B28D000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x8B29D000 \SystemRoot\System32\drivers\volmgrx.sys
0x8B2E8000 \SystemRoot\system32\DRIVERS\pciide.sys
0x8B2EF000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x8B2FD000 \SystemRoot\System32\drivers\mountmgr.sys
0x8B313000 \SystemRoot\system32\DRIVERS\atapi.sys
0x8B31C000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x8B33F000 \SystemRoot\system32\DRIVERS\msahci.sys
0x8B349000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x8B352000 \SystemRoot\system32\drivers\fltmgr.sys
0x8B386000 \SystemRoot\system32\drivers\fileinfo.sys
0x8B41C000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8B54B000 \SystemRoot\System32\Drivers\msrpc.sys
0x8B576000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8B589000 \SystemRoot\System32\Drivers\cng.sys
0x8B5E6000 \SystemRoot\System32\drivers\pcw.sys
0x8B5F4000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x8B62F000 \SystemRoot\system32\drivers\ndis.sys
0x8B6E6000 \SystemRoot\system32\drivers\NETIO.SYS
0x8B724000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x8B839000 \SystemRoot\System32\drivers\tcpip.sys
0x8B982000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8B9B3000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
0x8B9BC000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x8B800000 \SystemRoot\System32\Drivers\spldr.sys
0x8B808000 \SystemRoot\System32\drivers\rdyboost.sys
0x8B749000 \SystemRoot\System32\Drivers\mup.sys
0x8B759000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8B761000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
0x8B76A000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8B79C000 \SystemRoot\system32\DRIVERS\disk.sys
0x8B7AD000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x8B7D2000 \SystemRoot\system32\DRIVERS\AtiPcie.sys
0x8B7DA000 \SystemRoot\system32\DRIVERS\Amddfltr.sys
0x8B397000 \SystemRoot\system32\DRIVERS\ahcix86s.sys
0x8BA06000 \SystemRoot\system32\DRIVERS\storport.sys
0x8BAB5000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8BAD4000 \SystemRoot\System32\Drivers\Null.SYS
0x8BADB000 \SystemRoot\System32\Drivers\Beep.SYS
0x8BAE2000 \SystemRoot\System32\drivers\vga.sys
0x8BAEE000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8BB0F000 \SystemRoot\System32\drivers\watchdog.sys
0x8BB1C000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8BB24000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8BB2C000 \SystemRoot\system32\drivers\rdprefmp.sys
0x8BB34000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8BB3F000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8BB4D000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8BB64000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8BB6F000 \SystemRoot\system32\drivers\afd.sys
0x8BBC9000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8B7E2000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x8B600000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8B7E9000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x8B61F000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8B400000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8B3D7000 \SystemRoot\system32\DRIVERS\termdd.sys
0x9080B000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x9084C000 \SystemRoot\system32\DRIVERS\psinknc.sys
0x9086E000 \SystemRoot\system32\drivers\nsiproxy.sys
0x90878000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x90882000 \SystemRoot\System32\drivers\discache.sys
0x9088E000 \SystemRoot\system32\drivers\csc.sys
0x908F2000 \SystemRoot\System32\Drivers\dfsc.sys
0x9090A000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x90918000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x90939000 \SystemRoot\system32\DRIVERS\amdppm.sys
0x91A2C000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x91F41000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x9094A000 \SystemRoot\System32\drivers\dxgmms1.sys
0x91A00000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x9156B000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
0x91591000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x91597000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x915A1000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x915EC000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x90983000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x91A1F000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
0x9099B000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x909A8000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x915FB000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x909D8000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x909E5000 \SystemRoot\system32\DRIVERS\enecir.sys
0x90800000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
0x91400000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8B413000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8B3E7000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x91FF8000 \SystemRoot\system32\DRIVERS\clwvd.sys
0x8B200000 \SystemRoot\system32\DRIVERS\ks.sys
0x92A21000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x92A33000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x92A4B000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x92A56000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x92A78000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x92A90000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x92AA7000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x92ABE000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x92AC8000 \SystemRoot\system32\DRIVERS\swenum.sys
0x92ACA000 \SystemRoot\system32\DRIVERS\circlass.sys
0x92AD8000 \SystemRoot\system32\DRIVERS\umbus.sys
0x92AE6000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x92B2A000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x92B3B000 \SystemRoot\system32\drivers\AtiHdmi.sys
0x92B57000 \SystemRoot\system32\drivers\portcls.sys
0x92B86000 \SystemRoot\system32\drivers\drmk.sys
0x97E24000 \SystemRoot\system32\DRIVERS\stwrt.sys
0x97E8C000 \SystemRoot\system32\DRIVERS\hidir.sys
0x97E9B000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x97EAE000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x97EB5000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x97EC1000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x985B0000 \SystemRoot\System32\win32k.sys
0x97ECC000 \SystemRoot\System32\drivers\Dxapi.sys
0x97EEC000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x97F03000 \SystemRoot\System32\Drivers\usbvideo.sys
0x98410000 \SystemRoot\System32\TSDDD.dll
0x98440000 \SystemRoot\System32\cdd.dll
0x97F32000 \SystemRoot\system32\drivers\luafv.sys
0x97F4D000 \SystemRoot\system32\DRIVERS\PSINAflt.sys
0x97F74000 \SystemRoot\system32\DRIVERS\PSINProt.sys
0x97F92000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x97FA8000 \SystemRoot\System32\Drivers\crashdmp.sys
0x97FB5000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x97FBF000 \SystemRoot\System32\Drivers\dump_ahcix86s.sys
0x97E00000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x92B9F000 \SystemRoot\system32\DRIVERS\PSINFile.sys
0x92BBB000 \SystemRoot\system32\DRIVERS\PSINProc.sys
0x92BD9000 \SystemRoot\system32\drivers\WudfPf.sys
0x97E11000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x8BA4D000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x92A00000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x8BA93000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xA9A3A000 \SystemRoot\system32\drivers\HTTP.sys
0xA9AC8000 \SystemRoot\system32\DRIVERS\bowser.sys
0xA9AE1000 \SystemRoot\System32\drivers\mpsdrv.sys
0xA9AF3000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA9B16000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xA9B51000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xAA408000 \SystemRoot\system32\drivers\peauth.sys
0xAA49F000 \SystemRoot\System32\Drivers\secdrv.SYS
0xAA4A9000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xAA4CA000 \SystemRoot\System32\drivers\tcpipreg.sys
0xAA4D7000 \SystemRoot\System32\DRIVERS\srv2.sys
0xAA526000 \SystemRoot\System32\DRIVERS\srv.sys
0xAA598000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x91404000 \SystemRoot\system32\DRIVERS\athr.sys
0xAA5A1000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0xAA5AB000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0xAA5CA000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
0xAA5B4000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xAA5BF000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0xAA5EF000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0xA9B6C000 \SystemRoot\system32\DRIVERS\1394ohci.sys
0xA9B98000 \SystemRoot\system32\DRIVERS\jmcr.sys
0xAA58D000 \SystemRoot\system32\DRIVERS\monitor.sys
0x772D0000 \Windows\System32\ntdll.dll
0x47AA0000 \Windows\System32\smss.exe
0x77510000 \Windows\System32\apisetschema.dll
0x00E90000 \Windows\System32\autochk.exe
0x774B0000 \Windows\System32\Wldap32.dll
0x77190000 \Windows\System32\urlmon.dll
0x77490000 \Windows\System32\imm32.dll
0x77100000 \Windows\System32\clbcatq.dll
0x76FA0000 \Windows\System32\ole32.dll
0x77450000 \Windows\System32\ws2_32.dll
0x76EF0000 \Windows\System32\msvcrt.dll
0x77440000 \Windows\System32\psapi.dll
0x76E10000 \Windows\System32\kernel32.dll
0x77430000 \Windows\System32\normaliz.dll
0x76D80000 \Windows\System32\oleaut32.dll
0x76BE0000 \Windows\System32\setupapi.dll
0x76B90000 \Windows\System32\gdi32.dll
0x76AC0000 \Windows\System32\msctf.dll
0x77420000 \Windows\System32\nsi.dll
0x77410000 \Windows\System32\lpk.dll
0x75E70000 \Windows\System32\shell32.dll
0x75DC0000 \Windows\System32\rpcrt4.dll
0x75D20000 \Windows\System32\usp10.dll
0x75CC0000 \Windows\System32\difxapi.dll
0x75BC0000 \Windows\System32\wininet.dll
0x75B90000 \Windows\System32\imagehlp.dll
0x75B70000 \Windows\System32\sechost.dll
0x75AF0000 \Windows\System32\comdlg32.dll
0x75A20000 \Windows\System32\user32.dll
0x759C0000 \Windows\System32\shlwapi.dll
0x757C0000 \Windows\System32\iertutil.dll
0x75720000 \Windows\System32\advapi32.dll
0x75600000 \Windows\System32\crypt32.dll
0x755E0000 \Windows\System32\devobj.dll
0x755B0000 \Windows\System32\cfgmgr32.dll
0x75560000 \Windows\System32\KernelBase.dll
0x754D0000 \Windows\System32\comctl32.dll
0x754A0000 \Windows\System32\wintrust.dll
0x75490000 \Windows\System32\msasn1.dll
Processes (total 79):
0 System Idle Process
4 System
396 C:\Windows\System32\smss.exe
516 csrss.exe
592 C:\Windows\System32\wininit.exe
608 csrss.exe
652 C:\Windows\System32\services.exe
668 C:\Windows\System32\lsass.exe
676 C:\Windows\System32\lsm.exe
776 C:\Windows\System32\svchost.exe
852 C:\Windows\System32\winlogon.exe
896 C:\Windows\System32\svchost.exe
944 C:\Windows\System32\atiesrxx.exe
1020 C:\Windows\System32\svchost.exe
1084 C:\Windows\System32\svchost.exe
1124 C:\Windows\System32\svchost.exe
1168 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe
1360 C:\Windows\System32\svchost.exe
1436 C:\Windows\System32\hpservice.exe
1504 C:\Windows\System32\atieclxx.exe
1548 C:\Windows\System32\svchost.exe
1752 C:\Windows\System32\spoolsv.exe
1808 C:\Windows\System32\svchost.exe
1908 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\AEstSrv.exe
1936 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1964 C:\Program Files\Bonjour\mDNSResponder.exe
2008 C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
2044 C:\Windows\System32\svchost.exe
528 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
672 C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
1260 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
456 C:\Windows\System32\IoctlSvc.exe
2068 C:\Windows\System32\svchost.exe
2156 C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
2296 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
3556 C:\Windows\System32\svchost.exe
3448 C:\Windows\System32\dwm.exe
3472 C:\Windows\System32\taskhost.exe
3648 C:\Windows\explorer.exe
2912 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2908 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
2928 C:\Program Files\IDT\WDM\sttray.exe
2644 C:\Program Files\FreePDF_XP\fpassist.exe
1396 C:\Windows\WindowsMobile\wmdc.exe
1196 C:\Program Files\Common Files\Java\Java Update\jusched.exe
200 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1392 C:\Windows\System32\svchost.exe
1252 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
3716 C:\Program Files\iTunes\iTunesHelper.exe
3720 C:\Program Files\CyberLink\YouCam\YCMMirage.exe
3736 C:\Program Files\CyberLink\YouCam\YouCam.exe
3908 C:\Program Files\DivX\DivX Update\DivXUpdate.exe
4008 C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
4020 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
196 C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
408 C:\Program Files\Logitech\SetPoint\SetPoint.exe
1972 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
2396 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
1120 C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
2952 WmiPrvSE.exe
2356 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
2612 C:\Windows\System32\SearchIndexer.exe
3268 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
4120 C:\Program Files\Windows Media Player\wmpnetwk.exe
4412 C:\Program Files\iPod\bin\iPodService.exe
4832 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
5260 C:\Windows\System32\mobsync.exe
5344 C:\Windows\System32\svchost.exe
5472 C:\Windows\System32\svchost.exe
4156 C:\Windows\System32\wuauclt.exe
4984 C:\Program Files\Mozilla Firefox\firefox.exe
3180 C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
5624 C:\Program Files\MirandaX Ardena\MirandaX-Ardena.exe
3552 C:\Windows\System32\audiodg.exe
5336 C:\Windows\System32\SearchProtocolHost.exe
5300 C:\Windows\System32\SearchFilterHost.exe
3896 C:\Users\Tim\Desktop\MBRCheck.exe
1420 C:\Windows\System32\conhost.exe
2320 C:\Windows\System32\dllhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000048`4a900000 (NTFS)
PhysicalDrive0 Model Number: WDC WD3200BEVS-60VAT0, Rev: 1.12
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 RE: Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
Done!
|
| | #7 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Remember to update both tools before the scan!! |