| |
| |||||||
Log-Analyse und Auswertung: Windows Update deaktiviert sich - hosts nicht mehr zu öffnen - Browser frieren einWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
03.11.2010, 07:49
| #1 |
 |  Windows Update deaktiviert sich - hosts nicht mehr zu öffnen - Browser frieren ein Hi, hier alle Logs - GMER hat erst gezickt, aber nach langem warten hat es irgendwann irgendwie funktioniert. GMER: Code:
ATTFilter GMER 1.0.15.15477 - h**p://www.gmer.net
Rootkit scan 2010-11-02 19:33:30
Windows 6.1.7600
Running: 5pr8zszx.exe; Driver: C:\Users\*****\AppData\Local\Temp\kgldiuod.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82C51599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C75F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 2 82E83135 5 Bytes JMP 8941DC50
PAGE ntkrnlpa.exe!NtRequestWaitReplyPort + 2 82E84B5D 5 Bytes JMP 8941DBB0
PAGE ntkrnlpa.exe!NtRequestPort + 2 82E98DC3 5 Bytes JMP 8941DB10
? System32\Drivers\spzp.sys Das System kann den angegebenen Pfad nicht finden. !
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x91807000, 0x2FBFB8, 0xE8000020]
.text USBPORT.SYS!DllUnload 915D5CA0 5 Bytes JMP 8706C1D8
.text a20x9xs7.SYS 98E34000 12 Bytes [44, 38, 02, 83, EE, 36, 02, ...] {INC ESP; CMP [EDX], AL; SUB ESI, 0x36; ADD AL, [EBX-0x7cfde860]}
.text a20x9xs7.SYS 98E3400D 9 Bytes [17, 02, 83, 48, 3B, 02, 83, ...] {POP SS; ADD AL, [EBX-0x7cfdc4b8]; ADD [EAX], AL}
.text a20x9xs7.SYS 98E34017 170 Bytes [00, DE, 87, 5A, 83, E6, 85, ...]
.text a20x9xs7.SYS 98E340C3 8 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text a20x9xs7.SYS 98E340CE 4 Bytes [00, 00, 00, 00] {ADD [EAX], AL; ADD [EAX], AL}
.text ...
.text autochk.exe 002211D1 2 Bytes [F1, 19]
.text autochk.exe 002211D4 3 Bytes [94, F1, 19]
.text autochk.exe 002211D8 3 Bytes [AC, 5E, 18]
.text autochk.exe 002211DC 1 Byte [03]
.text autochk.exe 002211E0 3 Bytes [7C, EE, 19]
.text ...
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [834AC042] \SystemRoot\System32\Drivers\spzp.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [834AC6D6] \SystemRoot\System32\Drivers\spzp.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [834AC800] \SystemRoot\System32\Drivers\spzp.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [834AC13E] \SystemRoot\System32\Drivers\spzp.sys
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortNotification] 00147880
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortQuerySystemTime] 78800C75
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortReadPortUchar] 06750015
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortStallExecution] C25DC033
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortWritePortUchar] 458B0008
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortWritePortUlong] 6A006A08
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 50056A24
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 005AB7E8
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortGetScatterGatherList] 0001B800
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortGetParentBusType] C25D0000
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortRequestCallback] CCCC0008
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortWritePortBufferUshort] CCCCCCCC
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortGetUnCachedExtension] CCCCCCCC
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortCompleteRequest] CCCCCCCC
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortCopyMemory] 53EC8B55
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortEtwTraceLog] 800C5D8B
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 7500117B
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 127B806A
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 80647500
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 7500137B
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortInitialize] 157B805E
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortGetDeviceBase] 56587500
IAT \SystemRoot\System32\Drivers\a20x9xs7.SYS[ataport.SYS!AtaPortDeviceStateChange] 8008758B
---- Devices - GMER 1.0.15 ----
Device \Device\Ide\IdeDeviceP6T0L0-8 -> \??\IDE#DiskSAMSUNG_HD103SJ_________________________1AJ100E4#5&17b185bc&0&4.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xE7 0xA9 0xA8 0xA2 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x6B 0x92 0x83 0x6A ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x2D 0xDE 0x8D 0x46 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x8E 0xFC 0x29 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xE7 0xA9 0xA8 0xA2 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x6B 0x92 0x83 0x6A ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x2D 0xDE 0x8D 0x46 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x8E 0xFC 0x29 0x02 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Pinnacle\Studio 14\Content\MotionTitles\-Looks\Standard\01 \x2013 Soft Shadow Looks.ixLook 1
Reg HKLM\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.3.7600.16385_83d89db3bee8694b325a46ad46dd6fefb24c93ab_1328d8d3
Reg HKLM\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles@CheckingForSolutionDialog 0x7C 0x04 0x06 0x00 ...
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Devices@AliveDeviceCount 1
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Devices@FunctionalDMRCount 1
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\Devices\E4-7C-F9-7A-7F-B6@Alive 0
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\UDNRenderers@AliveDeviceCount 1
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\UDNRenderers@FunctionalDMRCount 1
Reg HKLM\SOFTWARE\Microsoft\Windows Media Player NSS\3.0\UDNRenderers\592DE09F-959F-69CD-2F8E-FBB9AF9EB41F@Alive 0
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x3E 0x1E 0x9E 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x3D 0xCE 0xEA 0x26 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 01: copy of MBR
Disk \Device\Harddisk0\DR0 sector 02: copy of MBR
Disk \Device\Harddisk0\DR0 sector 03: copy of MBR
Disk \Device\Harddisk0\DR0 sector 04: copy of MBR
Disk \Device\Harddisk0\DR0 sector 05: copy of MBR
Disk \Device\Harddisk0\DR0 sector 06: copy of MBR
Disk \Device\Harddisk0\DR0 sector 07: copy of MBR
Disk \Device\Harddisk0\DR0 sector 08: copy of MBR
Disk \Device\Harddisk0\DR0 sector 09: copy of MBR
Disk \Device\Harddisk0\DR0 sector 10: copy of MBR
Disk \Device\Harddisk0\DR0 sector 11: copy of MBR
Disk \Device\Harddisk0\DR0 sector 12: copy of MBR
Disk \Device\Harddisk0\DR0 sector 13: copy of MBR
Disk \Device\Harddisk0\DR0 sector 14: copy of MBR
Disk \Device\Harddisk0\DR0 sector 15: copy of MBR
Disk \Device\Harddisk0\DR0 sector 16: copy of MBR
Disk \Device\Harddisk0\DR0 sector 17: copy of MBR
Disk \Device\Harddisk0\DR0 sector 18: copy of MBR
Disk \Device\Harddisk0\DR0 sector 19: copy of MBR
Disk \Device\Harddisk0\DR0 sector 20: copy of MBR
Disk \Device\Harddisk0\DR0 sector 21: copy of MBR
Disk \Device\Harddisk0\DR0 sector 22: copy of MBR
Disk \Device\Harddisk0\DR0 sector 23: copy of MBR
Disk \Device\Harddisk0\DR0 sector 24: copy of MBR
Disk \Device\Harddisk0\DR0 sector 25: copy of MBR
Disk \Device\Harddisk0\DR0 sector 26: copy of MBR
Disk \Device\Harddisk0\DR0 sector 27: copy of MBR
Disk \Device\Harddisk0\DR0 sector 28: copy of MBR
Disk \Device\Harddisk0\DR0 sector 29: copy of MBR
Disk \Device\Harddisk0\DR0 sector 30: copy of MBR
Disk \Device\Harddisk0\DR0 sector 31: copy of MBR
Disk \Device\Harddisk0\DR0 sector 32: copy of MBR
Disk \Device\Harddisk0\DR0 sector 33: copy of MBR
Disk \Device\Harddisk0\DR0 sector 34: copy of MBR
Disk \Device\Harddisk0\DR0 sector 35: copy of MBR
Disk \Device\Harddisk0\DR0 sector 36: copy of MBR
Disk \Device\Harddisk0\DR0 sector 37: copy of MBR
Disk \Device\Harddisk0\DR0 sector 38: copy of MBR
Disk \Device\Harddisk0\DR0 sector 39: copy of MBR
Disk \Device\Harddisk0\DR0 sector 40: copy of MBR
Disk \Device\Harddisk0\DR0 sector 41: copy of MBR
Disk \Device\Harddisk0\DR0 sector 42: copy of MBR
Disk \Device\Harddisk0\DR0 sector 43: copy of MBR
Disk \Device\Harddisk0\DR0 sector 44: copy of MBR
Disk \Device\Harddisk0\DR0 sector 45: copy of MBR
Disk \Device\Harddisk0\DR0 sector 46: copy of MBR
Disk \Device\Harddisk0\DR0 sector 47: copy of MBR
Disk \Device\Harddisk0\DR0 sector 48: copy of MBR
Disk \Device\Harddisk0\DR0 sector 49: copy of MBR
Disk \Device\Harddisk0\DR0 sector 50: copy of MBR
Disk \Device\Harddisk0\DR0 sector 51: copy of MBR
Disk \Device\Harddisk0\DR0 sector 52: copy of MBR
Disk \Device\Harddisk0\DR0 sector 53: copy of MBR
Disk \Device\Harddisk0\DR0 sector 54: copy of MBR
Disk \Device\Harddisk0\DR0 sector 55: copy of MBR
Disk \Device\Harddisk0\DR0 sector 56: copy of MBR
Disk \Device\Harddisk0\DR0 sector 57: copy of MBR
Disk \Device\Harddisk0\DR0 sector 58: copy of MBR
Disk \Device\Harddisk0\DR0 sector 59: copy of MBR
Disk \Device\Harddisk0\DR0 sector 60: copy of MBR
Disk \Device\Harddisk0\DR0 sector 61: copy of MBR
Disk \Device\Harddisk0\DR0 sector 62: copy of MBR
Disk \Device\Harddisk0\DR0 sector 63: copy of MBR
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Gigabyte Technology Co., Ltd.
BIOS Manufacturer: Award Software International, Inc.
System Manufacturer: Gigabyte Technology Co., Ltd.
System Product Name: EP45-DS3
Logical Drives Mask: 0x0001debd
Kernel Drivers (total 220):
0x82C38000 \SystemRoot\system32\ntkrnlpa.exe
0x82C01000 \SystemRoot\system32\halmacpi.dll
0x86DC5000 \SystemRoot\system32\kdcom.dll
0x83224000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8329C000 \SystemRoot\system32\PSHED.dll
0x832AD000 \SystemRoot\system32\BOOTVID.dll
0x832B5000 \SystemRoot\system32\CLFS.SYS
0x832F7000 \SystemRoot\system32\CI.dll
0x83412000 \SystemRoot\system32\drivers\Wdf01000.sys
0x83483000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x83491000 \SystemRoot\System32\Drivers\spag.sys
0x83584000 \SystemRoot\System32\Drivers\WMILIB.SYS
0x8358D000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0x835B3000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x83400000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x833A2000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x833AD000 \SystemRoot\system32\DRIVERS\pci.sys
0x833D7000 \SystemRoot\System32\drivers\partmgr.sys
0x833E8000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x83638000 \SystemRoot\System32\drivers\volmgrx.sys
0x83683000 \SystemRoot\system32\DRIVERS\pciide.sys
0x8368A000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x83698000 \SystemRoot\System32\drivers\mountmgr.sys
0x836AE000 \SystemRoot\system32\DRIVERS\atapi.sys
0x836B7000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x836DA000 \SystemRoot\system32\DRIVERS\msahci.sys
0x836E4000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x836ED000 \SystemRoot\system32\drivers\fltmgr.sys
0x83721000 \SystemRoot\system32\drivers\fileinfo.sys
0x8BE3B000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8BF6A000 \SystemRoot\System32\Drivers\msrpc.sys
0x8BF95000 \SystemRoot\System32\Drivers\ksecdd.sys
0x83732000 \SystemRoot\System32\Drivers\cng.sys
0x8BFA8000 \SystemRoot\System32\drivers\pcw.sys
0x8BFB6000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x8C018000 \SystemRoot\system32\drivers\ndis.sys
0x8C0CF000 \SystemRoot\system32\drivers\NETIO.SYS
0x8C10D000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x8C20B000 \SystemRoot\System32\drivers\tcpip.sys
0x8C354000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8C385000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
0x8C38E000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x8C3CD000 \SystemRoot\System32\Drivers\spldr.sys
0x8C132000 \SystemRoot\System32\drivers\rdyboost.sys
0x8C3D5000 \SystemRoot\System32\Drivers\mup.sys
0x8C3E5000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8C15F000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8C3ED000 \SystemRoot\system32\DRIVERS\disk.sys
0x8C191000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x8C1DE000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8BFBF000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0x8C000000 \SystemRoot\System32\Drivers\Null.SYS
0x8C007000 \SystemRoot\System32\Drivers\Beep.SYS
0x8BFE2000 \SystemRoot\System32\drivers\vga.sys
0x8BE00000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8BE21000 \SystemRoot\System32\drivers\watchdog.sys
0x8C00E000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8BE2E000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8BFEE000 \SystemRoot\system32\drivers\rdprefmp.sys
0x8378F000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8379A000 \SystemRoot\System32\Drivers\Npfs.SYS
0x837A8000 \SystemRoot\system32\DRIVERS\tdx.sys
0x837BF000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x90E1A000 \SystemRoot\system32\drivers\afd.sys
0x90E74000 \SystemRoot\System32\DRIVERS\netbt.sys
0x90EA6000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x90EAF000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x90EB6000 \SystemRoot\system32\DRIVERS\pacer.sys
0x90ED5000 \SystemRoot\system32\DRIVERS\vpcnfltr.sys
0x90EE5000 \SystemRoot\system32\DRIVERS\netbios.sys
0x90EF3000 \SystemRoot\system32\DRIVERS\serial.sys
0x90F0D000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x90F20000 \SystemRoot\system32\drivers\vpcvmm.sys
0x90F67000 \SystemRoot\System32\drivers\truecrypt.sys
0x90F9C000 \SystemRoot\system32\DRIVERS\termdd.sys
0x90FAC000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x90FED000 \SystemRoot\system32\drivers\nsiproxy.sys
0x90E00000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x90E0A000 \SystemRoot\System32\drivers\discache.sys
0x91608000 \SystemRoot\system32\drivers\csc.sys
0x9166C000 \SystemRoot\System32\Drivers\dfsc.sys
0x91684000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x91692000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x916B3000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x916C5000 \SystemRoot\system32\DRIVERS\atikmpag.sys
0x9A020000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x916F5000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x9A5BA000 \SystemRoot\System32\drivers\dxgmms1.sys
0x9A000000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x9A5F3000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x917AC000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x837CA000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x91C19000 \SystemRoot\system32\drivers\HCW85BDA.sys
0x91D6E000 \SystemRoot\system32\drivers\BdaSup.SYS
0x91D71000 \SystemRoot\system32\drivers\ks.sys
0x91DA5000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x91DAB000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
0x91DD0000 \SystemRoot\system32\DRIVERS\1394ohci.sys
0x91C00000 \SystemRoot\system32\DRIVERS\fdc.sys
0x91C0B000 \SystemRoot\system32\DRIVERS\serenum.sys
0x837D9000 \SystemRoot\system32\DRIVERS\parport.sys
0x83600000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x91C15000 \SystemRoot\system32\DRIVERS\L8042Kbd.sys
0x83618000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x95409000 \SystemRoot\System32\Drivers\aoczllez.SYS
0x95442000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x9544F000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x95461000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x95479000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x95484000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x954A6000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x954BE000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x954D5000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x954EC000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x954F6000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x95503000 \SystemRoot\system32\DRIVERS\swenum.sys
0x95505000 \SystemRoot\system32\DRIVERS\MarvinBus.sys
0x95533000 \SystemRoot\system32\DRIVERS\umbus.sys
0x95541000 \SystemRoot\system32\DRIVERS\vpcusb.sys
0x95559000 \SystemRoot\system32\DRIVERS\usbrpm.sys
0x95566000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x95568000 \SystemRoot\system32\DRIVERS\vpchbus.sys
0x9559E000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x955E2000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0x955EC000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x83200000 \SystemRoot\system32\drivers\AtiHdmi.sys
0x81E1D000 \SystemRoot\system32\drivers\portcls.sys
0x81E4C000 \SystemRoot\system32\drivers\drmk.sys
0x81E65000 \SystemRoot\system32\drivers\HdAudio.sys
0x824A0000 \SystemRoot\System32\win32k.sys
0x81EB5000 \SystemRoot\System32\drivers\Dxapi.sys
0x81EBF000 \SystemRoot\System32\Drivers\crashdmp.sys
0x81ECC000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x81ED7000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x81EE1000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x81EF2000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x81F09000 \SystemRoot\System32\Drivers\LUsbFilt.Sys
0x81F0F000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x81F1A000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x81F2D000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x81F34000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0x81F3C000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x81F47000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0x81F4F000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x9A604000 \SystemRoot\system32\DRIVERS\snpstd3.sys
0x9AFE8000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0x81F66000 \SystemRoot\system32\DRIVERS\hxctlflt.sys
0x81F7F000 \SystemRoot\system32\drivers\usbaudio.sys
0x81F93000 \SystemRoot\system32\DRIVERS\monitor.sys
0x82700000 \SystemRoot\System32\TSDDD.dll
0x82730000 \SystemRoot\System32\ATMFD.DLL
0x82780000 \SystemRoot\System32\cdd.dll
0x81F9E000 \SystemRoot\system32\drivers\luafv.sys
0x81FB9000 \SystemRoot\system32\drivers\WudfPf.sys
0x9AFF6000 \SystemRoot\system32\DRIVERS\vmnetbridge.sys
0x9AFFC000 \SystemRoot\system32\DRIVERS\VMNET.SYS
0x81FD3000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x81FE3000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9F427000 \SystemRoot\system32\drivers\HTTP.sys
0x9F4AC000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9F4C5000 \SystemRoot\System32\drivers\mpsdrv.sys
0x9F4D7000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9F4FA000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9F535000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9F550000 \??\C:\Windows\system32\drivers\hcmon.sys
0x9F55A000 \SystemRoot\system32\DRIVERS\parvdm.sys
0x9F561000 \??\C:\Windows\system32\Drivers\vmci.sys
0x9F56D000 \??\C:\Windows\system32\Drivers\VMparport.sys
0xA2A0C000 \??\C:\Windows\system32\Drivers\vmx86.sys
0xA2ADC000 \SystemRoot\system32\drivers\peauth.sys
0xA2B73000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA2B7D000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA2B9E000 \??\C:\Program Files\Sandboxie\SbieDrv.sys
0xA2BBE000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA2BCB000 \??\C:\Windows\system32\drivers\vmnetuserif.sys
0xA2BD0000 \SystemRoot\system32\DRIVERS\MpNWMon.sys
0x9F56F000 \SystemRoot\System32\DRIVERS\srv2.sys
0x9FC30000 \SystemRoot\System32\DRIVERS\srv.sys
0x9FCE4000 \SystemRoot\System32\Drivers\fastfat.SYS
0x9FD99000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x77450000 \Windows\System32\ntdll.dll
0x48020000 \Windows\System32\smss.exe
0x77690000 \Windows\System32\apisetschema.dll
0x00E00000 \Windows\System32\autochk.exe
0x10000000 \Program Files\DAEMON Tools Lite\Engine.dll
0x77630000 \Windows\System32\Wldap32.dll
0x77620000 \Windows\System32\lpk.dll
0x77380000 \Windows\System32\user32.dll
0x77610000 \Windows\System32\normaliz.dll
0x77180000 \Windows\System32\iertutil.dll
0x77080000 \Windows\System32\wininet.dll
0x76FE0000 \Windows\System32\advapi32.dll
0x77600000 \Windows\System32\psapi.dll
0x775C0000 \Windows\System32\ws2_32.dll
0x76F80000 \Windows\System32\shlwapi.dll
0x76EF0000 \Windows\System32\oleaut32.dll
0x76E90000 \Windows\System32\difxapi.dll
0x76240000 \Windows\System32\shell32.dll
0x761C0000 \Windows\System32\comdlg32.dll
0x760E0000 \Windows\System32\kernel32.dll
0x77590000 \Windows\System32\imagehlp.dll
0x76040000 \Windows\System32\usp10.dll
0x76020000 \Windows\System32\imm32.dll
0x75E80000 \Windows\System32\setupapi.dll
0x75DF0000 \Windows\System32\clbcatq.dll
0x75D20000 \Windows\System32\msctf.dll
0x75D00000 \Windows\System32\sechost.dll
0x75C50000 \Windows\System32\rpcrt4.dll
0x75BA0000 \Windows\System32\msvcrt.dll
0x75A60000 \Windows\System32\urlmon.dll
0x75900000 \Windows\System32\ole32.dll
0x758F0000 \Windows\System32\nsi.dll
0x758A0000 \Windows\System32\gdi32.dll
0x75810000 \Windows\System32\comctl32.dll
0x757F0000 \Windows\System32\devobj.dll
0x757C0000 \Windows\System32\cfgmgr32.dll
0x75770000 \Windows\System32\KernelBase.dll
0x75650000 \Windows\System32\crypt32.dll
0x75620000 \Windows\System32\wintrust.dll
0x75610000 \Windows\System32\msasn1.dll
Processes (total 76):
0 System Idle Process
4 System
320 C:\Windows\System32\smss.exe
480 csrss.exe
568 C:\Windows\System32\wininit.exe
576 csrss.exe
616 C:\Windows\System32\services.exe
632 C:\Windows\System32\lsass.exe
640 C:\Windows\System32\lsm.exe
740 C:\Windows\System32\svchost.exe
824 C:\Windows\System32\svchost.exe
888 C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
916 C:\Windows\System32\winlogon.exe
980 C:\Windows\System32\atiesrxx.exe
1048 C:\Windows\System32\svchost.exe
1116 C:\Windows\System32\svchost.exe
1168 C:\Windows\System32\svchost.exe
1264 C:\Windows\System32\audiodg.exe
1356 C:\Windows\System32\svchost.exe
1540 C:\Windows\System32\svchost.exe
1548 C:\Windows\System32\atieclxx.exe
1696 C:\Windows\System32\spoolsv.exe
1736 C:\Windows\System32\svchost.exe
1900 C:\Windows\System32\svchost.exe
1920 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1956 C:\Program Files\BitKinex\bitkinexsvc.exe
2016 C:\Program Files\Bonjour\mDNSResponder.exe
128 C:\Windows\System32\svchost.exe
360 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
496 C:\Program Files\CDBurnerXP\NMSAccessU.exe
756 C:\Program Files\Sandboxie\SbieSvc.exe
1460 C:\Windows\System32\svchost.exe
1852 C:\Windows\System32\vmnat.exe
1952 C:\Program Files\VMware\VMware Server\tomcat\bin\tomcat6.exe
388 C:\Windows\System32\svchost.exe
1104 C:\Windows\System32\conhost.exe
2172 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
2300 C:\Program Files\VMware\VMware Server\vmware-authd.exe
2428 C:\Windows\System32\vmnetdhcp.exe
2524 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
2716 C:\Program Files\VMware\VMware Server\vmware-hostd.exe
2940 WmiPrvSE.exe
3100 C:\Windows\System32\svchost.exe
3220 WmiPrvSE.exe
3624 C:\Windows\System32\taskhost.exe
3968 C:\Windows\System32\dwm.exe
3992 C:\Windows\explorer.exe
2124 C:\Program Files\Microsoft Security Essentials\msseces.exe
2148 C:\Windows\WindowsMobile\wmdc.exe
2116 C:\Program Files\Hercules\Deluxe Optical Glass\XtrCtrl.exe
2424 C:\Windows\System32\svchost.exe
2764 C:\Program Files\pdf24\pdf24.exe
2992 C:\Program Files\Common Files\Java\Java Update\jusched.exe
1492 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
3212 C:\Program Files\iTunes\iTunesHelper.exe
3888 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
3680 C:\Program Files\GMX\GMX SMS-Manager\SMSMngr.exe
3984 C:\Program Files\Sandboxie\SbieCtrl.exe
3988 C:\Program Files\DAEMON Tools Lite\DTLite.exe
3404 C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
3396 C:\Program Files\Logitech\SetPoint\SetPoint.exe
3288 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
4080 C:\Program Files\iPod\bin\iPodService.exe
4396 C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
4492 C:\Windows\System32\SearchIndexer.exe
4632 C:\Program Files\Windows Media Player\wmpnetwk.exe
4928 C:\Windows\System32\svchost.exe
5660 C:\Program Files\Mozilla Firefox\firefox.exe
5804 C:\Program Files\Mozilla Firefox\firefox.exe
1576 C:\Windows\System32\wbem\WmiApSrv.exe
3548 C:\Windows\System32\taskmgr.exe
5556 C:\Windows\System32\SearchProtocolHost.exe
5092 C:\Windows\System32\SearchFilterHost.exe
3436 C:\Users\*****\Desktop\MBRCheck.exe
5420 C:\Windows\System32\conhost.exe
3884 C:\Windows\System32\dllhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000030`da500000 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000007a`18600000 (NTFS)
\\.\O: --> \\.\PhysicalDrive1 at offset 0x00000018`74aece00 (NTFS)
\\.\P: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)
\\.\Q: --> \\.\PhysicalDrive1 at offset 0x00000009`54921c00 (NTFS)
PhysicalDrive0 Model Number: SAMSUNGHD103SJ, Rev: 1AJ100E4
PhysicalDrive1 Model Number: SAMSUNGSP2504C, Rev: VT100-33
Size Device Name MBR Status
--------------------------------------------
931 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
232 GB \\.\PhysicalDrive1 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
Done!
Und OSAM hängt als zip-File dran, da es in HTML ausgegeben wurde ... Gruß ThePhantom |
|
| Themen zu Windows Update deaktiviert sich - hosts nicht mehr zu öffnen - Browser frieren ein |
| adobe, bho, bonjour, browser, cdburnerxp, desinfec't, erste mal, explorer, firefox, google, hijack, hijackthis, internet, internet explorer, logfile, microsoft security, microsoft security essentials, nicht mehr öffnen, pdf, plug-in, problem, prozess, prozesse, safer networking, schädling, security, server, software, system, taskmanager, temp, tunnel, usb, windows |
Hybrid-Darstellung
