Hi Arne,
I managed to get it working after all. So here are the logs:
Gmer:
Code:
GMER 1.0.15.15640 - hxxp://www.gmer.net
Rootkit scan 2011-06-11 13:10:15
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 FUJITSU_MHW2160BH_PL rev.0000001C
Running: 9ktlei8h.exe; Driver: C:\Users\klewer\AppData\Local\Temp\ugldipoc.sys
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [744B7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7450A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [744BBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [744AF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [744B75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [744AE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [744E8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [744BDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [744AFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [744AFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [744A71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7453CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [744DC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [744AD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [744A6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [744A687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2012] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [744B2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00027873b61e
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0016cfe759b3
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00027873b61e (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0016cfe759b3 (not active ControlSet)
---- EOF - GMER 1.0.15 ----
MBR:
Code:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: SAMSUNG ELECTRONICS CO., LTD.
BIOS Manufacturer: Phoenix Technologies LTD
System Manufacturer: SAMSUNG ELECTRONICS CO., LTD.
System Product Name: R40P/R41P
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 141):
0x8244F000 \SystemRoot\system32\ntoskrnl.exe
0x8241C000 \SystemRoot\system32\hal.dll
0x87401000 \SystemRoot\system32\kdcom.dll
0x87408000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x87478000 \SystemRoot\system32\PSHED.dll
0x87489000 \SystemRoot\system32\BOOTVID.dll
0x87491000 \SystemRoot\system32\CLFS.SYS
0x874D2000 \SystemRoot\system32\CI.dll
0x875B2000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8762E000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8763B000 \SystemRoot\system32\drivers\acpi.sys
0x87681000 \SystemRoot\system32\drivers\WMILIB.SYS
0x8768A000 \SystemRoot\system32\drivers\msisadrv.sys
0x87692000 \SystemRoot\system32\drivers\pci.sys
0x876B9000 \SystemRoot\System32\drivers\partmgr.sys
0x876C8000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x876CB000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x876D5000 \SystemRoot\system32\drivers\volmgr.sys
0x876E4000 \SystemRoot\System32\drivers\volmgrx.sys
0x8772E000 \SystemRoot\system32\drivers\pciide.sys
0x87735000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x87743000 \SystemRoot\system32\DRIVERS\pcmcia.sys
0x87770000 \SystemRoot\System32\drivers\mountmgr.sys
0x87780000 \SystemRoot\system32\drivers\atapi.sys
0x87788000 \SystemRoot\system32\drivers\ataport.SYS
0x877A6000 \SystemRoot\system32\drivers\fltmgr.sys
0x877D8000 \SystemRoot\system32\drivers\fileinfo.sys
0x87804000 \SystemRoot\System32\Drivers\ksecdd.sys
0x87875000 \SystemRoot\system32\drivers\ndis.sys
0x87980000 \SystemRoot\system32\drivers\msrpc.sys
0x879AB000 \SystemRoot\system32\drivers\NETIO.SYS
0x879E6000 \SystemRoot\System32\drivers\tcpip.sys
0x87AD0000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x87AEB000 \SystemRoot\System32\Drivers\Ntfs.sys
0x87C0F000 \SystemRoot\system32\drivers\volsnap.sys
0x87C48000 \SystemRoot\System32\Drivers\spldr.sys
0x87C50000 \SystemRoot\System32\Drivers\mup.sys
0x87C5F000 \SystemRoot\System32\drivers\ecache.sys
0x87C86000 \SystemRoot\system32\drivers\disk.sys
0x87C97000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x87CB8000 \SystemRoot\system32\drivers\crcdisk.sys
0x87CE1000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x87CEC000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x87CF5000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x87D04000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8B404000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x87D08000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8BB8C000 \SystemRoot\System32\drivers\watchdog.sys
0x8BB98000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x8BBA2000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8BBE0000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8BBEF000 \SystemRoot\system32\drivers\Afc.sys
0x87DA8000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8BBF7000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x87DC0000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x87E4D000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x87E60000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x87E6B000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x8BBFD000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x87E96000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x87EA1000 \SystemRoot\system32\DRIVERS\Rtnicxp.sys
0x87EB2000 \SystemRoot\system32\DRIVERS\athr.sys
0x87F33000 \SystemRoot\system32\DRIVERS\sdbus.sys
0x87F4D000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0x87F5C000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0x87F70000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0x87FC1000 \SystemRoot\system32\DRIVERS\dne2000.sys
0x8BC0A000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8BC39000 \SystemRoot\system32\DRIVERS\storport.sys
0x8BC7A000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8BC85000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8BC9C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8BCA7000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8BCCA000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8BCD9000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8BCED000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8BD02000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8BD12000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8BD14000 \SystemRoot\system32\DRIVERS\ks.sys
0x8BD3E000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8BD48000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8BD55000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8BD8A000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x8BD9B000 \SystemRoot\system32\DRIVERS\AGRSM.sys
0x8BEB7000 \SystemRoot\system32\drivers\modem.sys
0x8C402000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x8C593000 \SystemRoot\system32\drivers\portcls.sys
0x8C5C0000 \SystemRoot\system32\drivers\drmk.sys
0x8C5E5000 \SystemRoot\system32\DRIVERS\savonaccess.sys
0x8C60B000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x8C614000 \SystemRoot\System32\Drivers\Null.SYS
0x8C61B000 \SystemRoot\System32\Drivers\Beep.SYS
0x8C62B000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x8C632000 \SystemRoot\System32\drivers\vga.sys
0x8C63E000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8C65F000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8C667000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8C66F000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8C67A000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8C688000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x8C691000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8C6A7000 \SystemRoot\system32\DRIVERS\smb.sys
0x8C6BB000 \SystemRoot\system32\drivers\afd.sys
0x8C703000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8C735000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8C74B000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8C759000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8C76C000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8C7A8000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8C7B2000 \SystemRoot\System32\Drivers\dfsc.sys
0x8C7C9000 \SystemRoot\System32\Drivers\crashdmp.sys
0x8C7D6000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x8C7E1000 \SystemRoot\System32\Drivers\dump_atapi.sys
0x95CE0000 \SystemRoot\System32\win32k.sys
0x8C7E9000 \SystemRoot\System32\drivers\Dxapi.sys
0x8BEC4000 \SystemRoot\system32\DRIVERS\monitor.sys
0x95F00000 \SystemRoot\System32\TSDDD.dll
0x95F20000 \SystemRoot\System32\cdd.dll
0x8BED3000 \SystemRoot\system32\drivers\luafv.sys
0x8C7F3000 \SystemRoot\system32\DRIVERS\kmdfmemio.sys
0x8BEEE000 \SystemRoot\system32\drivers\spsys.sys
0x8BF9E000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x8BFAE000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x8BFD8000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x8BFE2000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9C80E000 \SystemRoot\system32\drivers\HTTP.sys
0x9C87B000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x9C898000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9C8B1000 \SystemRoot\System32\drivers\mpsdrv.sys
0x9C8C6000 \SystemRoot\system32\drivers\mrxdav.sys
0x9C8E7000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9C906000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9C93F000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9C957000 \SystemRoot\System32\DRIVERS\srv2.sys
0x9C97F000 \SystemRoot\System32\DRIVERS\srv.sys
0x9C9CE000 \??\C:\Windows\system32\Drivers\CVPNDRVA.sys
0x9CA5E000 \SystemRoot\system32\drivers\peauth.sys
0x9CB3C000 \SystemRoot\System32\Drivers\secdrv.SYS
0x9CB46000 \SystemRoot\System32\drivers\tcpipreg.sys
0x9CB52000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x77600000 \Windows\System32\ntdll.dll
Processes (total 79):
0 System Idle Process
4 System
480 C:\Windows\System32\smss.exe
548 csrss.exe
600 C:\Windows\System32\wininit.exe
616 csrss.exe
648 C:\Windows\System32\services.exe
660 C:\Windows\System32\lsass.exe
668 C:\Windows\System32\lsm.exe
712 C:\Windows\System32\winlogon.exe
860 C:\Windows\System32\svchost.exe
924 C:\Windows\System32\svchost.exe
964 C:\Windows\System32\svchost.exe
1064 C:\Windows\System32\Ati2evxx.exe
1080 C:\Windows\System32\svchost.exe
1144 C:\Windows\System32\svchost.exe
1168 C:\Windows\System32\svchost.exe
1248 C:\Windows\System32\audiodg.exe
1268 C:\Windows\System32\svchost.exe
1288 C:\Windows\System32\SLsvc.exe
1336 C:\Windows\System32\svchost.exe
1400 C:\Windows\System32\Ati2evxx.exe
1488 C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
1956 C:\Windows\System32\dwm.exe
2012 C:\Windows\explorer.exe
264 C:\Windows\System32\svchost.exe
1156 C:\Windows\System32\spoolsv.exe
1392 C:\Windows\System32\svchost.exe
1448 C:\Windows\System32\taskeng.exe
1364 C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
1388 C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
772 C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
1904 C:\Windows\System32\taskeng.exe
2064 C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
2176 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
2208 C:\Windows\System32\agrsmsvc.exe
2220 C:\Windows\System32\svchost.exe
2232 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2248 C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
2268 C:\Program Files\Bonjour\mDNSResponder.exe
2280 C:\Windows\System32\svchost.exe
2292 C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
2320 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
2356 C:\Program Files\FolderSize\FolderSizeSvc.exe
2376 C:\Windows\System32\svchost.exe
2480 C:\Windows\System32\svchost.exe
2580 C:\Windows\System32\svchost.exe
2604 C:\Windows\System32\svchost.exe
2640 C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2656 C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
2700 C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
2732 C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
2808 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
2848 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
2884 C:\Windows\System32\svchost.exe
2912 C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
3036 C:\Windows\System32\svchost.exe
3120 C:\Windows\System32\SearchIndexer.exe
4024 C:\Windows\System32\taskeng.exe
2756 C:\Windows\System32\SearchProtocolHost.exe
3836 C:\Windows\RtHDVCpl.exe
3708 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2772 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
2792 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
3924 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3816 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
1096 C:\Program Files\iTunes\iTunesHelper.exe
2560 C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
2112 C:\Program Files\Sophos\AutoUpdate\ALMon.exe
1928 C:\Program Files\Windows Sidebar\sidebar.exe
4072 C:\Windows\ehome\ehtray.exe
2568 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2496 C:\Windows\ehome\ehmsas.exe
3828 C:\Program Files\iPod\bin\iPodService.exe
3624 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
1944 WmiPrvSE.exe
4152 C:\Windows\System32\SearchFilterHost.exe
4456 C:\Users\klewer\Desktop\Trojaner\MBRCheck.exe
4468 C:\Windows\System32\conime.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`80100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000013`c3300000 (NTFS)
PhysicalDrive0 Model Number: FUJITSUMHW2160BHPL, Rev: 0000001C
Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
Done!
Best regards, Christian