Log analysis and evaluation: BDS/Hupigon.cddf in avscan.exe, avcenter.exe, and others

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#15

BDS/Hupigon.cddf in avscan.exe, avcenter.exe, and others

Hi, after the 4th unsuccessful attempt to start GMER again, I gave up. Here are the two other logs. As you can see, I downloaded a few updates; unfortunately it takes a bit longer ;-)

Regards

Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 17:31:05 on 03.04.2011

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Opera Software Opera Internet Browser 11.01

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal" - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"Cardex" (Cardex) - "Windows (R) 2000 DDK provider" - C:\WINDOWS\system32\drivers\TBPANEL.SYS
"catchme" (catchme) - ? - C:\cofi.exe13467c\catchme.sys (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"TBPanel" (TBPanel) - "Windows (R) 2000 DDK provider" - C:\WINDOWS\system32\drivers\TBPanel.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)
"Windows Driver Foundation - User-mode Driver Framework Platform Driver" (WudfPf) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\WudfPf.sys
"Windows Driver Foundation - User-mode Driver Framework Reflector" (WudfRd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wudfrd.sys
"WpdUsb" (WpdUsb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wpdusb.sys

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{94586423-855F-4EB2-9F6A-D9DA5658DBE3} "Context menu" - ? - C:\PROGRA~1\FREEM4~1\m4a_menu.dll (File not found)
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{35786D3C-B075-49b9-88DD-029876E11C01} "Portable Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\wpdshext.dll
{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} "Portable Devices Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\wpdshext.dll
{640167b4-59b0-47a6-b335-a6b3c0695aea} "Portable Media Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\audiodev.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\msonsext.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Programme\WinRAR\rarext.dll
{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} "WMP Add To Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll
{8DD448E6-C188-4aed-AF92-44956194EB1F} "WMP Burn Audio CD Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll
{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} "WMP Play As Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----
{AAA288BA-9A4C-45B0-95D7-94D524869DB5} "WPDShServiceObj Class" - "Microsoft Corporation" - C:\WINDOWS\system32\wpdshserviceobj.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"PokerStars" - "PokerStars" - C:\Programme\PokerStars\PokerStarsUpdate.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\****\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"GAINWARD" - "Gainward Co." - C:\Programme\EXPERTool\TBPanel.exe /A
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"NVMixerTray" - "NVIDIA Corporation" - "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Automatische Updates" (wuauserv) - "Microsoft Corporation" - C:\WINDOWS\system32\wuauserv.dll
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe
"PnkBstrA" (PnkBstrA) - ? - C:\WINDOWS\system32\PnkBstrA.exe (File found, but it contains no detailed information)
"Portable Media Serial Number Service" (WmdmPmSN) - "Microsoft Corporation" - C:\WINDOWS\system32\mspmsnsv.dll
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Driver Foundation - User-mode Driver Framework" (WudfSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\WUDFSvc.dll
"Windows Media Player-Netzwerkfreigabedienst" (WMPNetworkSvc) - "Microsoft Corporation" - C:\Programme\Windows Media Player\WMPNetwk.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Code:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000003c
Kernel Drivers (total 113):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806EF000 \WINDOWS\system32\hal.dll
0xF7D2F000 \WINDOWS\system32\KDCOM.DLL
0xF7C3F000 \WINDOWS\system32\BOOTVID.dll
0xF77DF000 ACPI.sys
0xF7D31000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF77CE000 pci.sys
0xF782F000 isapnp.sys
0xF7DF7000 pciide.sys
0xF7AAF000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF783F000 MountMgr.sys
0xF77AF000 ftdisk.sys
0xF7D33000 dmload.sys
0xF7789000 dmio.sys
0xF7AB7000 PartMgr.sys
0xF784F000 VolSnap.sys
0xF7771000 atapi.sys
0xF775D000 nvatabus.sys
0xF785F000 disk.sys
0xF786F000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF773D000 fltmgr.sys
0xF772B000 sr.sys
0xF7714000 KSecDD.sys
0xF7701000 WudfPf.sys
0xF7674000 Ntfs.sys
0xF7647000 NDIS.sys
0xF7ABF000 nv_agp.sys
0xF762D000 Mup.sys
0xF79BF000 \SystemRoot\system32\DRIVERS\amdk7.sys
0xF7AE7000 \SystemRoot\system32\DRIVERS\usbohci.sys
0xF6624000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7AEF000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF660D000 \SystemRoot\system32\DRIVERS\NVENET.sys
0xF65C7000 \SystemRoot\system32\drivers\emu10k1m.sys
0xF65A3000 \SystemRoot\system32\drivers\portcls.sys
0xF79CF000 \SystemRoot\system32\drivers\drmk.sys
0xF6580000 \SystemRoot\system32\drivers\ks.sys
0xF79DF000 \SystemRoot\system32\drivers\sfmanm.sys
0xF7D59000 \SystemRoot\system32\drivers\ctlfacem.sys
0xF79EF000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF79FF000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF5C52000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xF5C3E000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF7AF7000 \SystemRoot\system32\DRIVERS\fdc.sys
0xF7A0F000 \SystemRoot\system32\DRIVERS\serial.sys
0xF7CFF000 \SystemRoot\system32\DRIVERS\serenum.sys
0xF5C2A000 \SystemRoot\system32\DRIVERS\parport.sys
0xF7A1F000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF7AFF000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7B07000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF7F66000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF7A2F000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7D03000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF5C13000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF7A3F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF7A4F000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF7B0F000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF5C02000 \SystemRoot\system32\DRIVERS\psched.sys
0xF7A5F000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7B17000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7B1F000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF5BD2000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF7A6F000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7D5B000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF5B74000 \SystemRoot\system32\DRIVERS\update.sys
0xF7D1B000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF4B8A000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF4B7A000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF7D89000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF7DB9000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7E89000 \SystemRoot\System32\Drivers\Null.SYS
0xF7DBB000 \SystemRoot\System32\Drivers\Beep.SYS
0xF1D05000 \SystemRoot\System32\drivers\vga.sys
0xF7DBD000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7DBF000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF1CFD000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF1CF5000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF4C26000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB76CD000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB7674000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB764C000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB762A000 \SystemRoot\System32\drivers\afd.sys
0xF18CB000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF1CED000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xB75FF000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB758F000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF18AB000 \SystemRoot\System32\Drivers\Fips.SYS
0xB7569000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB7543000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xF7D95000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
0xF29BA000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB3B86000 \SystemRoot\System32\Drivers\dump_nvatabus.sys
0xF7DA5000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB459A000 \SystemRoot\System32\drivers\Dxapi.sys
0xF1D2D000 \SystemRoot\System32\watchdog.sys
0xBD000000 \SystemRoot\System32\drivers\dxg.sys
0xF7F29000 \SystemRoot\System32\drivers\dxgthk.sys
0xBD012000 \SystemRoot\System32\nv4_disp.dll
0xF0E32000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xBD623000 \SystemRoot\System32\ATMFD.DLL
0xB319E000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xB4038000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB30F9000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xB3BEB000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB3BE9000 \SystemRoot\System32\Drivers\TBPanel.SYS
0xB3001000 \SystemRoot\system32\DRIVERS\srv.sys
0xEE11D000 \SystemRoot\system32\DRIVERS\secdrv.sys
0xB2E34000 \SystemRoot\system32\drivers\wdmaud.sys
0xEE0FD000 \SystemRoot\system32\drivers\sysaudio.sys
0xB2B6D000 \SystemRoot\System32\Drivers\HTTP.sys
0xB2912000 \SystemRoot\system32\drivers\kmixer.sys
0x7C910000 \WINDOWS\system32\ntdll.dll
Processes (total 32):
0 System Idle Process
4 System
408 C:\WINDOWS\system32\smss.exe
456 csrss.exe
480 C:\WINDOWS\system32\winlogon.exe
700 C:\WINDOWS\system32\services.exe
712 C:\WINDOWS\system32\lsass.exe
876 C:\WINDOWS\system32\nvsvc32.exe
900 C:\WINDOWS\system32\svchost.exe
1012 svchost.exe
1052 C:\WINDOWS\system32\svchost.exe
1124 C:\WINDOWS\system32\svchost.exe
1192 svchost.exe
1240 svchost.exe
1324 C:\WINDOWS\system32\spoolsv.exe
1372 C:\Programme\Avira\AntiVir Desktop\sched.exe
1412 svchost.exe
1476 C:\Programme\Avira\AntiVir Desktop\avguard.exe
1496 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
1556 C:\Programme\Avira\AntiVir Desktop\avshadow.exe
1588 C:\Programme\Java\jre6\bin\jqs.exe
1632 C:\WINDOWS\system32\PnkBstrA.exe
428 C:\WINDOWS\explorer.exe
628 alg.exe
976 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
2120 C:\WINDOWS\system32\rundll32.exe
2136 C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
2168 C:\Programme\EXPERTool\TBPANEL.exe
2192 C:\WINDOWS\system32\devldr32.exe
2204 C:\WINDOWS\system32\ctfmon.exe
3180 C:\Programme\Opera\opera.exe
4048 C:\Dokumente und Einstellungen\****\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000006`1a79e400 (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x0000000c`34f34a00 (NTFS)
PhysicalDrive0 Model Number: WDCWD1600AAJB-00J3A0, Rev: 01.03E01
Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 RE: Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
Done!