Hello,
GMER hung twice and the system froze.
I could not save the logs.
Something involving a rootkit was found in system32.
Code:
Report of OSAM : Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 19:58:44 on 01.11.2010
OS: Windows 2000 Professional Service Pack 4 (Build 2195)
Default Browser: Mozilla Corporation Firefox 3.6.12
Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Common]
-----( %SystemRoot%\Tasks )-----
"60MinShutdown.job" - "hxxp://www.beyondlogic.org" - C:\shutdown.exe
[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"GtmNicApp.cpl" - ? - C:\WINNT\system32\GtmNicApp.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINNT\system32\javacpl.cpl
"MCPCPL.CPL" - ? - C:\WINNT\system32\MCPCPL.CPL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Acronis Snapshots Manager" (snapman) - "Acronis" - C:\WINNT\System32\DRIVERS\snapman.sys
"Acronis TrueImage Backup Archive Explorer" (timounter) - "Acronis" - C:\WINNT\System32\DRIVERS\timntr.sys
"Acronis TrueImage FS Filter" (tifsfilter) - "Acronis" - C:\WINNT\System32\DRIVERS\tifsfilt.sys
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINNT\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINNT\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\catchme.sys (File not found)
"Changer" (Changer) - ? - C:\WINNT\system32\drivers\Changer.sys (File not found)
"cvintdrv" (cvintdrv) - ? - C:\WINNT\system32\drivers\cvintdrv.sys (File found, but it contains no detailed information)
"D-Link DFE-530TX PCI Fast Ethernet Adapter" (DLKFET) - "D-Link" - C:\WINNT\System32\DRIVERS\DLKFET.sys
"drivers" (drivers) - ? - C:\WINNT\system32\drivers (File not found)
"Dual-Mode DSC(2770)" (DCamUSBSQTECH) - "Service & Quality Technology." - C:\WINNT\System32\Drivers\SQcaptur.sys
"giveio" (giveio) - ? - C:\WINNT\system32\drivers\giveio.sys (File found, but it contains no detailed information)
"lbrtfdc" (lbrtfdc) - ? - C:\WINNT\system32\drivers\lbrtfdc.sys (File not found)
"Panasonic Software Modem" (PMDCVGSM) - ? - C:\WINNT\system32\drivers\PMDCVGSM.SYS (File not found)
"PCIDump" (PCIDump) - ? - C:\WINNT\system32\drivers\PCIDump.sys (File not found)
"PORTMON" (PORTMON) - ? - C:\Programme\portmon\PORTMSYS.SYS (File not found)
"sglfb" (sglfb) - ? - C:\WINNT\system32\drivers\sglfb.sys (File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINNT\System32\DRIVERS\ssmdrv.sys
"tga" (tga) - ? - C:\WINNT\system32\drivers\tga.sys (File not found)
"VIA AGP Filter" (viaagp1) - "VIA Technologies, Inc." - C:\WINNT\System32\DRIVERS\viaagp1.sys
"VIA USB Filter" (viafilter) - "VIA Technologies, Inc." - C:\WINNT\System32\Drivers\viausb.sys
"VIAPFD" (VIAPFD) - "VIA Technologies. Inc." - C:\WINNT\System32\Drivers\VIAPFD.SYS
"vnccom" (vnccom) - "RDV Soft" - C:\WINNT\System32\Drivers\vnccom.SYS
"vncdrv" (vncdrv) - "RDV Soft" - C:\WINNT\System32\DRIVERS\vncdrv.sys
[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11} "CRLUpdate" - "Microsoft Corporation" - %SystemRoot%\system32\updcrl.exe -e -u %SystemRoot%\system32\verisignpub1.crl
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice Property Sheet Handler" - ? - C:\Programme\OpenOffice.org1.1.0\program\shlxthdl.dll
{8903F6C9-25E3-40AC-A98F-E6D35CD0469C} "PSPad" - ? - (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shell-Erweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{42071714-76d4-11d1-8b24-00a0c9068ff3} "Systemsteuerungserweiterung für die Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{51EEE242-AD87-11d3-9C1E-0090278BBD99} "Vim Shell Extension" - "Tianmiao Hu's Developer Studio" - C:\Programme\Vim\vim63\gvimext.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll (File found, but it contains no detailed information)
{E0D79300-84BE-11CE-9641-444553540000} "WinZip" - ? - C:\PROGRA~1\WinZip\wzshlext.dll
{E0D79301-84BE-11CE-9641-444553540000} "WinZip" - ? - C:\PROGRA~1\WinZip\wzshlext.dll
{E0D79302-84BE-11CE-9641-444553540000} "WinZip" - ? - C:\PROGRA~1\WinZip\wzshlext.dll
[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
DirectAnimation Java Classes "DirectAnimation Java Classes" - ? - (File not found | COM-object registry key not found) / file://C:\WINNT\Java\classes\dajava.cab
{4871A87A-BFDD-4106-8153-FFDE2BAC2967} "DLM Control" - "Akamai Technologies, Inc." - C:\WINNT\DOWNLO~1\DOWNLO~1.OCX / hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab
{4C39376E-FA9D-4349-BACC-D305C1750EF3} "EPUImageControl Class" - "eBay, Inc." - C:\WINNT\Downloaded Program Files\EPUWALcontrol.dll / hxxp://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Microsoft XML Parser for Java "Microsoft XML Parser for Java" - ? - (File not found | COM-object registry key not found) / file://C:\WINNT\Java\classes\xmldso.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINNT\system32\Macromed\Flash\Flash10c.ocx / hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
{644E432F-49D3-41A1-8DD5-E099162EEEC5} "Symantec RuFSI Utility Class" - "Symantec Corporation" - C:\WINNT\Downloaded Program Files\rufsi.dll / hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINNT\system32\LegitCheckControl.DLL / hxxp://go.microsoft.com/fwlink/?linkid=39204
{33564D57-0000-0010-8000-00AA00389B71} "{33564D57-0000-0010-8000-00AA00389B71}" - ? - (File not found | COM-object registry key not found) / hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "AcroIEHlprObj Class" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
[Logon]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Acronis Scheduler2 Service" - "Acronis" - "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe"
"Acronis*True*Image Monitor" - "Acronis" - "C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe"
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"DU Meter" - "Hagel Technologies" - C:\Programme\DU Meter\DUMeter.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Java\jre6\bin\jusched.exe"
"WinVNC" - "UltraVNC" - "C:\Programme\UltraVNC\winvnc.exe" -servicehelper
[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDF995 Monitor" - ? - C:\WINNT\system32\pdf995mon.dll (File found, but it contains no detailed information)
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"CYGWIN sshd" (sshd) - ? - C:\cygwin\bin\cygrunsrv.exe (File found, but it contains no detailed information)
"GtDetectSc Service" (gtdetectsc) - "OptionNV" - C:\WINNT\system32\gtdetectsc.exe
"GtFlashSwitch Service" (GtFlashSwitch) - "OptionNV" - C:\WINNT\system32\GtFlashSwitch.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"konfig" (konfig) - ? - c:\opt\MBCASE\pm\bin\mcp.exe (File found, but it contains no detailed information)
"license" (license) - ? - c:\opt\MBCASE\pm\bin\mcp.exe (File found, but it contains no detailed information)
"Macromedia Licensing Service" (Macromedia Licensing Service) - ? - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
"mcp" (mcp) - ? - c:\opt\MBCASE\pm\bin\mcp.exe (File found, but it contains no detailed information)
"NoIPDUCService" (NoIPDUCService) - "Vitalwerks LLC" - C:\Programme\No-IP\DUC20.exe
"Omni-NFS Server" (Omni-NFS Server) - ? - C:\Programme\Nfserver\nfsd.exe (File found, but it contains no detailed information)
"Remote Packet Capture Protocol v.0 (experimental)" (rpcapd) - ? - "C:\Programme\WinPcap\rpcapd.exe" -d -f "C:\Programme\WinPcap\rpcapd.ini" (File not found)
"TransBaseService" (TransBaseService) - "TransAction Software, D 81737 Munich" - c:\opt\MBCASE\WIS\TBCD\tbmux32.exe
"User Profile Hive Cleanup" (UPHClean) - "Microsoft Corporation" - C:\Programme\UPHClean\uphclean.exe
"XLink LPD" (XLink LPD) - ? - C:\Programme\Nfserver\lpd.exe (File found, but it contains no detailed information)
[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
Code:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 2000 Professional
Windows Information: Service Pack 4 (build 2195)
Logical Drives Mask: 0x0000000d
Kernel Drivers (total 99):
0x80400000 \WINNT\System32\ntoskrnl.exe
0x80062000 \WINNT\System32\hal.dll
0xEB810000 \WINNT\System32\BOOTVID.dll
0xF88CE000 ACPI.sys
0xEB9C8000 \WINNT\System32\DRIVERS\WMILIB.SYS
0xEB400000 pci.sys
0xEB410000 isapnp.sys
0xEB9C9000 pciide.sys
0xEB680000 \WINNT\System32\DRIVERS\PCIIDEX.SYS
0xEB688000 MountMgr.sys
0xF88B1000 ftdisk.sys
0xEB900000 Diskperf.sys
0xEB902000 dmload.sys
0xF888F000 dmio.sys
0xEB814000 PartMgr.sys
0xEB904000 viaide.sys
0xF8879000 atapi.sys
0xEB690000 disk.sys
0xEB420000 \WINNT\System32\DRIVERS\CLASSPNP.SYS
0xF8857000 fltmgr.sys
0xF8845000 KSecDD.sys
0xF87C7000 Ntfs.sys
0xF879D000 NDIS.sys
0xF876A000 timntr.sys
0xEB698000 viaagp.sys
0xEB6A0000 viaagp1.sys
0xF8756000 snapman.sys
0xF8740000 Mup.sys
0xEB450000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF86B0000 \SystemRoot\system32\DRIVERS\ati2mtaa.sys
0xEB6D0000 \SystemRoot\System32\DRIVERS\USBD.SYS
0xEB6B8000 \SystemRoot\System32\DRIVERS\uhcd.sys
0xF868E000 \SystemRoot\System32\DRIVERS\USBPORT.SYS
0xEB6E0000 \SystemRoot\System32\DRIVERS\usbehci.sys
0xEB460000 \SystemRoot\System32\DRIVERS\i8042prt.sys
0xEB6F0000 \SystemRoot\System32\DRIVERS\mouclass.sys
0xEB700000 \SystemRoot\System32\DRIVERS\kbdclass.sys
0xEB710000 \SystemRoot\System32\DRIVERS\fdc.sys
0xEB470000 \SystemRoot\System32\DRIVERS\serial.sys
0xEB8A8000 \SystemRoot\System32\DRIVERS\serenum.sys
0xEB728000 \SystemRoot\System32\DRIVERS\parport.sys
0xF863A000 \SystemRoot\system32\drivers\KS.SYS
0xF8656000 \SystemRoot\system32\drivers\portcls.sys
0xF867B000 \SystemRoot\system32\drivers\viaudio.sys
0xEB480000 \SystemRoot\System32\DRIVERS\fetnd5b.sys
0xEB90C000 \SystemRoot\system32\DRIVERS\vncdrv.sys
0xEB9E7000 \SystemRoot\System32\DRIVERS\audstub.sys
0xEB490000 \SystemRoot\System32\DRIVERS\rasl2tp.sys
0xEB8B8000 \SystemRoot\System32\DRIVERS\ndistapi.sys
0xF8623000 \SystemRoot\System32\DRIVERS\ndiswan.sys
0xEB8C8000 \SystemRoot\System32\DRIVERS\TDI.SYS
0xEB4A0000 \SystemRoot\System32\DRIVERS\raspptp.sys
0xEB750000 \SystemRoot\System32\DRIVERS\ptilink.sys
0xEB760000 \SystemRoot\System32\DRIVERS\raspti.sys
0xEB4B0000 \SystemRoot\System32\DRIVERS\parallel.sys
0xEB9F1000 \SystemRoot\System32\DRIVERS\swenum.sys
0xF85F8000 \SystemRoot\System32\DRIVERS\update.sys
0xEB4C0000 \SystemRoot\System32\DRIVERS\usbhub.sys
0xEB4D0000 \SystemRoot\System32\DRIVERS\usbhub20.sys
0xEB788000 \SystemRoot\System32\DRIVERS\flpydisk.sys
0xEB4F0000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xEB798000 \SystemRoot\System32\Drivers\EFS.SYS
0xEB914000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xEBA00000 \SystemRoot\System32\Drivers\Null.SYS
0xEBA02000 \SystemRoot\System32\Drivers\Beep.SYS
0xEBA04000 \SystemRoot\System32\Drivers\VIAPFD.SYS
0xEB8F4000 \SystemRoot\System32\drivers\vga.sys
0xEBA07000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xEB7C8000 \SystemRoot\System32\Drivers\Msfs.SYS
0xEB500000 \SystemRoot\System32\Drivers\Npfs.SYS
0xEB91C000 \SystemRoot\System32\DRIVERS\rasacd.sys
0xF550F000 \SystemRoot\System32\DRIVERS\tcpip.sys
0xEB510000 \SystemRoot\System32\DRIVERS\msgpc.sys
0xEB7E8000 \SystemRoot\System32\DRIVERS\wanarp.sys
0xEB520000 \SystemRoot\System32\DRIVERS\netbios.sys
0xEB7F8000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xF54E5000 \SystemRoot\System32\DRIVERS\rdbss.sys
0xF546D000 \SystemRoot\System32\DRIVERS\mrxsmb.sys
0xF8710000 \SystemRoot\System32\DRIVERS\usbscan.sys
0xF5456000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xEB920000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
0xF540B000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xEBA37000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xF53F5000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xA0000000 \??\C:\WINNT\system32\win32k.sys
0xF33AC000 \SystemRoot\System32\ati2dvaa.dll
0xEB620000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xEB7D0000 \SystemRoot\system32\DRIVERS\tifsfilt.sys
0xF3241000 \SystemRoot\System32\DRIVERS\netbt.sys
0xF3223000 \SystemRoot\System32\drivers\afd.sys
0xEBA81000 \SystemRoot\System32\Drivers\cvintdrv.SYS
0xEB94E000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xF334C000 \SystemRoot\System32\Drivers\Fips.SYS
0xF3121000 \SystemRoot\system32\drivers\wdmaud.sys
0xEB5C0000 \SystemRoot\system32\drivers\sysaudio.sys
0xF2FF9000 \SystemRoot\System32\DRIVERS\srv.sys
0xEB9C0000 \SystemRoot\System32\Drivers\vnccom.SYS
0xF329C000 \??\C:\WINNT\system32\Drivers\uphcleanhlp.sys
0x77880000 \WINNT\system32\NTDLL.DLL
Processes (total 35):
0 System Idle Process
8 System
184 \SystemRoot\System32\smss.exe
208 CSRSS.EXE
204 \??\C:\WINNT\system32\winlogon.exe
256 C:\WINNT\system32\services.exe
268 C:\WINNT\system32\lsass.exe
428 C:\WINNT\system32\svchost.exe
452 C:\WINNT\system32\spoolsv.exe
480 C:\Programme\Avira\AntiVir Desktop\sched.exe
492 C:\Programme\Avira\AntiVir Desktop\avguard.exe
508 C:\WINNT\System32\svchost.exe
524 C:\WINNT\system32\gtdetectsc.exe
536 C:\WINNT\system32\GtFlashSwitch.exe
564 C:\Programme\Java\jre6\bin\jqs.exe
604 c:\opt\MBCASE\pm\bin\mcp.exe
804 C:\WINNT\Explorer.EXE
808 C:\WINNT\system32\MSTask.exe
868 c:\opt\MBCASE\WIS\TBCD\tbmux32.exe
888 C:\Programme\UPHClean\uphclean.exe
820 C:\WINNT\System32\WBEM\WinMgmt.exe
912 C:\WINNT\System32\dmadmin.exe
992 C:\Programme\DU Meter\DUMeter.exe
1024 C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe
976 C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
1012 C:\Programme\Java\jre6\bin\jusched.exe
1040 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
1160 C:\WINNT\system32\cmd.exe
1180 C:\opt\MBCASE\pm\bin\cmserver.exe
1168 C:\WINNT\system32\cmd.exe
1292 C:\opt\MBCASE\pm\bin\lic_srv.exe
1272 C:\WINNT\system32\NOTEPAD.EXE
920 C:\Programme\Outlook Express\msimn.exe
1216 C:\Programme\Mozilla Firefox\firefox.exe
1364 C:\Eigene2000\test\Neuer Ordner (5)\MBRCheck.exe
WARNING: Unsupported Windows version! Results may not be accurate!
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000003`36aa9a00 (FAT32)
PhysicalDrive0 Model Number: ST340014A, Rev: 3.06
Size Device Name MBR Status
--------------------------------------------
37 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 4597B86E5C26EF38751DCC0504D119D7F3351C8A
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Done!