Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log analysis and evaluation (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Internet connection keeps disconnecting - system with high memory usage in Task Manager (https://www.trojaner-board.de/93818-internet-verbindung-trennt-andauernd-system-hoher-speicherauslastung-task-manager.html)

Itsab11 25.12.2010 17:46

delete success

Quote:

(Success) HKLM\SYSTEM\CurrentControlSet\Services\dpcisekt dpcisekt C:\WINDOWS\system32\dpcisekt.sys
(Success) HKLM\SYSTEM\CurrentControlSet\Services\xfow xfow C:\WINDOWS\system32\xfow.sys
(Success) HKLM\SYSTEM\CurrentControlSet\Services\sekw sekw C:\WINDOWS\system32\sekw.sys
(Success) HKLM\SYSTEM\CurrentControlSet\Services\aducirw aducirw C:\WINDOWS\system32\aducirw.sys
(Success) HKLM\SYSTEM\CurrentControlSet\Services\ajub ajub C:\WINDOWS\system32\ajub.sys
(Success) HKLM\SYSTEM\CurrentControlSet\Services\tdmseow tdmseow C:\WINDOWS\system32\tdmseow.sys
(Success) HKLM\SYSTEM\CurrentControlSet\Services\ehwgmxco ehwgmxco C:\WINDOWS\system32\ehwgmxco.sys
(Success) HKLM\SYSTEM\CurrentControlSet\Services\gpxiz gpxiz C:\WINDOWS\system32\gpxiz.sys
(Success) HKLM\SYSTEM\CurrentControlSet\Services\kpclsep kpclsep C:\WINDOWS\system32\kpclsep.sys
(Success) HKLM\SYSTEM\CurrentControlSet\Services\wktxlze wktxlze C:\WINDOWS\system32\wktxlze.sys


Osam

OSAM Logfile:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 17:44:18 on 25.12.2010

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.13

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"a9kkd0jd" (a9kkd0jd) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\a9kkd0jd.sys  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"Advanced SCSI Programming Interface Driver" (ASPI) - "Adaptec" - C:\WINDOWS\System32\DRIVERS\ASPI32.sys
"AsIO" (AsIO) - ? - C:\WINDOWS\System32\drivers\AsIO.sys  (File found, but it contains no detailed information)
"catchme" (catchme) - ? - C:\DOKUME~1\Basti\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"RivaTuner32" (RivaTuner32) - ? - C:\Programme\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys  (File found, but it contains no detailed information)
"Sound2x Audio Cable (WDM)" (EuMusDesignVirtualAudioCableWdm_s2x) - "Eugene V. Muzychenko" - C:\WINDOWS\System32\DRIVERS\vacs2xkd.sys
"sptd" (sptd) - "Duplex Secure Ltd." - C:\WINDOWS\System32\Drivers\sptd.sys  (File is exclusively opened, access blocked)
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -  (File not found | COM-object registry key not found)
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nvshell.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -  (File not found | COM-object registry key not found)
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -  (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Programme\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "ITBarLayout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10k.ocx / hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"ICQ7.2" - "ICQ, LLC." - C:\Programme\ICQ7.2\ICQ.exe
"PokerStars" - "PokerStars" - C:\Programme\PokerStars\PokerStarsUpdate.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Basti\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"QIP2005" - "The Author of QIP" - C:\Programme\jeak.de\QIP 2005\qip.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"iTunesHelper" - "Apple Inc." - "C:\Programme\iTunes\iTunesHelper.exe"
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"nwiz" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll  (File not found)
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll  (File not found)

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

MBR

Quote:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x000003fc

Kernel Drivers (total 114):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x80700000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF74E3000 spfy.sys
0xF7989000 \WINDOWS\System32\Drivers\WMILIB.SYS
0xF74CB000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xF749C000 ACPI.sys
0xF748B000 pci.sys
0xF75F7000 isapnp.sys
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7607000 MountMgr.sys
0xF7868000 ftdisk.sys
0xF770F000 PartMgr.sys
0xF7617000 VolSnap.sys
0xF7850000 atapi.sys
0xF7627000 disk.sys
0xF7637000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7830000 fltMgr.sys
0xF7975000 sr.sys
0xF7647000 PxHelp20.sys
0xF795E000 KSecDD.sys
0xF7B52000 Ntfs.sys
0xF7A22000 NDIS.sys
0xF7B38000 Mup.sys
0xB8776000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB6E8C000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB6E78000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF77F7000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB6E54000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF77FF000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB6E2C000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB8766000 \SystemRoot\system32\DRIVERS\imapi.sys
0xB8756000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xB8746000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB6E09000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7807000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xB8736000 \SystemRoot\system32\DRIVERS\l1e51x86.sys
0xF79AB000 \SystemRoot\system32\DRIVERS\ASACPI.sys
0xB8726000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF780F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xB8716000 \SystemRoot\system32\DRIVERS\serial.sys
0xB87D2000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB6DD0000 \SystemRoot\System32\Drivers\a9kkd0jd.SYS
0xB8706000 \SystemRoot\system32\DRIVERS\vacs2xkd.sys
0xB6D95000 \SystemRoot\system32\DRIVERS\portcls.sys
0xF7697000 \SystemRoot\system32\DRIVERS\drmk.sys
0xB8701000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF76A7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xB87C2000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB6D7E000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF76B7000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF76C7000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB8193000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB6D6D000 \SystemRoot\system32\DRIVERS\psched.sys
0xF76D7000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xB818B000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF776F000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF76F7000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7777000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF79B1000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB5B7B000 \SystemRoot\system32\DRIVERS\update.sys
0xB87B6000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF747B000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF745B000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF79B5000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB357A000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xF79B9000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7A7E000 \SystemRoot\System32\Drivers\Null.SYS
0xF79BB000 \SystemRoot\System32\Drivers\Beep.SYS
0xF779F000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF77A7000 \SystemRoot\System32\drivers\vga.sys
0xF79BD000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF79BF000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF77AF000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF77B7000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB5B73000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB34DF000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB3486000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB3436000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB3410000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF744B000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB334E000 \SystemRoot\System32\drivers\afd.sys
0xB784A000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB3323000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB32B3000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB783A000 \SystemRoot\System32\Drivers\Fips.SYS
0xF79C1000 \SystemRoot\system32\drivers\AsIO.sys
0xB3A4B000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xB780A000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xB77FA000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xF77BF000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xF77CF000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xB3A3F000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xB3A3B000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB3223000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF79C7000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB3576000 \SystemRoot\System32\drivers\Dxapi.sys
0xF77DF000 \SystemRoot\System32\watchdog.sys
0xBD000000 \SystemRoot\System32\drivers\dxg.sys
0xB807A000 \SystemRoot\System32\drivers\dxgthk.sys
0xBD012000 \SystemRoot\System32\nv4_disp.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xB25C5000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB2294000 \SystemRoot\system32\drivers\wdmaud.sys
0xB3380000 \SystemRoot\system32\drivers\sysaudio.sys
0xB2246000 \SystemRoot\system32\drivers\kmixer.sys
0xB1FBF000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xB1EEF000 \SystemRoot\system32\DRIVERS\srv.sys
0xB1B3E000 \SystemRoot\System32\Drivers\HTTP.sys
0x7C910000 \WINDOWS\system32\ntdll.dll
0x10000000 \Programme\DAEMON Tools Lite\Engine.dll

Processes (total 32):
0 System Idle Process
4 System
644 C:\WINDOWS\system32\smss.exe
692 csrss.exe
716 C:\WINDOWS\system32\winlogon.exe
760 C:\WINDOWS\system32\services.exe
772 C:\WINDOWS\system32\lsass.exe
944 C:\WINDOWS\system32\nvsvc32.exe
976 C:\WINDOWS\system32\svchost.exe
1044 svchost.exe
1140 C:\WINDOWS\system32\svchost.exe
1264 svchost.exe
1336 svchost.exe
1484 C:\WINDOWS\system32\spoolsv.exe
1760 C:\WINDOWS\explorer.exe
1884 C:\WINDOWS\RTHDCPL.exe
1900 C:\WINDOWS\system32\rundll32.exe
1924 C:\Programme\iTunes\iTunesHelper.exe
1936 C:\Programme\Adobe\Reader 9.0\Reader\reader_sl.exe
1944 C:\Programme\jeak.de\QIP 2005\qip.exe
2020 svchost.exe
148 C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
192 C:\Programme\Java\jre6\bin\jqs.exe
532 wdfmgr.exe
1320 C:\WINDOWS\system32\wuauclt.exe
2084 C:\Programme\iPod\bin\iPodService.exe
2096 C:\WINDOWS\system32\wscntfy.exe
2116 alg.exe
3152 C:\Programme\Mozilla Firefox\firefox.exe
3372 C:\Programme\Mozilla Firefox\plugin-container.exe
3496 C:\WINDOWS\system32\notepad.exe
3528 C:\Dokumente und Einstellungen\Basti\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000055`f8f93600 (NTFS)

PhysicalDrive0 Model Number: WDCWD5000AACS-00G8B1, Rev: 05.04C05

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11


Done!
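
The two logs above can be cross-checked mechanically: OSAM annotates each driver entry (hidden registry entry, file not found, no file information), and MBRCheck lists which images are actually loaded in the kernel. The following is an added example, not part of the original post and not code from OSAM or MBRCheck. It parses an excerpt of both logs (the sample input below is copied from the lines posted above, a few entries each, not the full logs), pairs OSAM's own annotations with the loaded-image list, and assigns a triage priority. The verdict labels and the parsing regexes are my own; the script only sorts entries by what the tools already reported and makes no judgement of its own about whether a driver is malicious.

```python
import re

# Constructed sample input: excerpts copied from the OSAM [Drivers] section and
# the MBRCheck "Kernel Drivers" list posted above (not the complete logs).
OSAM_DRIVERS = r'''
"a9kkd0jd" (a9kkd0jd) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\a9kkd0jd.sys  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"Advanced SCSI Programming Interface Driver" (ASPI) - "Adaptec" - C:\WINDOWS\System32\DRIVERS\ASPI32.sys
"AsIO" (AsIO) - ? - C:\WINDOWS\System32\drivers\AsIO.sys  (File found, but it contains no detailed information)
"catchme" (catchme) - ? - C:\DOKUME~1\Basti\LOKALE~1\Temp\catchme.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"sptd" (sptd) - "Duplex Secure Ltd." - C:\WINDOWS\System32\Drivers\sptd.sys  (File is exclusively opened, access blocked)
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
'''

MBRCHECK_KERNEL = r'''
0xF74E3000 spfy.sys
0xF7647000 PxHelp20.sys
0xB6DD0000 \SystemRoot\System32\Drivers\a9kkd0jd.SYS
0xF79C1000 \SystemRoot\system32\drivers\AsIO.sys
'''

# OSAM driver line: "display" (servicename) - "vendor"|? - path  (flag | flag)
# The annotation block is separated from the path by two or more spaces.
OSAM_LINE = re.compile(
    r'^"(?P<display>[^"]*)" \((?P<name>[^)]*)\) - (?P<vendor>"[^"]*"|\?) - '
    r'(?P<path>\S.*?)(?:\s{2,}\((?P<flags>[^)]*)\))?\s*$'
)
# MBRCheck kernel line: load address followed by the image path or bare name.
MBR_LINE = re.compile(r'^0x[0-9A-Fa-f]+\s+(?P<image>\S.*?)\s*$')


def basename(path):
    """Last path component, lower-cased, so \\SystemRoot\\...\\X.SYS matches C:\\...\\x.sys."""
    return path.rsplit('\\', 1)[-1].lower()


def parse_osam_drivers(text):
    """Return one dict per OSAM [Drivers] line; lines that do not parse are skipped."""
    entries = []
    for line in text.splitlines():
        m = OSAM_LINE.match(line)
        if not m:
            continue
        flags = [f.strip() for f in (m.group('flags') or '').split('|') if f.strip()]
        entries.append({
            'name': m.group('name'),
            'vendor': m.group('vendor').strip('"'),
            'path': m.group('path'),
            'file': basename(m.group('path')),
            'flags': flags,
        })
    return entries


def parse_loaded_images(text):
    """Set of lower-cased image file names MBRCheck saw loaded in the kernel."""
    return {basename(m.group('image'))
            for m in map(MBR_LINE.match, text.splitlines()) if m}


def triage(osam_text, mbr_text):
    """Combine OSAM annotations with the loaded-image list into a triage verdict.

    Verdict labels are this script's own (assumption, not OSAM terminology):
      HIDDEN-LOADED       hidden registry entry AND its image is loaded: look here first
      HIDDEN-NOT-LOADED   hidden entry, but nothing with that file name is loaded
      REMNANT             service key exists, file is gone, image not loaded
      NO-FILE-INFO(-LOADED) OSAM could not read version info from the file
      OK                  nothing the tools flagged
    """
    loaded = parse_loaded_images(mbr_text)
    results = []
    for e in parse_osam_drivers(osam_text):
        is_loaded = e['file'] in loaded
        hidden = any(f.startswith('Hidden registry entry') for f in e['flags'])
        missing = 'File not found' in e['flags']
        if hidden:
            verdict = 'HIDDEN-LOADED' if is_loaded else 'HIDDEN-NOT-LOADED'
        elif missing:
            verdict = 'REMNANT'
        elif e['vendor'] == '?':
            # The vendor string is read from the file itself; "?" means OSAM got nothing.
            verdict = 'NO-FILE-INFO-LOADED' if is_loaded else 'NO-FILE-INFO'
        else:
            verdict = 'OK'
        results.append({'name': e['name'], 'file': e['file'],
                        'verdict': verdict, 'loaded': is_loaded, 'flags': e['flags']})
    return results


if __name__ == '__main__':
    for r in sorted(triage(OSAM_DRIVERS, MBRCHECK_KERNEL), key=lambda r: r['verdict']):
        print(f"{r['verdict']:<22} {r['name']:<10} loaded={r['loaded']!s:<5} {' | '.join(r['flags'])}")
```

The cross-check matters because OSAM and MBRCheck see different things: OSAM reads the service keys (and spots ones hidden from the normal registry API), MBRCheck reads the list of images the kernel actually has mapped. An entry that is both hidden and loaded is the one to examine first; "File not found" entries with no loaded image are inert leftovers that are usually just cleaned up. Note that matching is by file name only, so a driver loaded under a different name than its service key (MBRCheck's bare `spfy.sys` above has no OSAM counterpart in this excerpt) will not be paired and must be looked at by hand.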

cosinus 25.12.2010 17:49

Looks OK. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before scanning!!

Itsab11 26.12.2010 16:26

No findings in either run :/

What I noticed is that the internet mostly disconnects when several PCs in the household are doing something online at the same time, so maybe the router gets overloaded by that and disconnects because of it. Could that be? And if so, can the load on the router somehow be throttled?

cosinus 26.12.2010 19:41

Please post the logs anyway.

Quote:

so maybe the router gets overloaded by that and disconnects because of it. Could that be? And if so, can the load on the router somehow be throttled?
What router exactly do you have there?
Firmware version?
Have you tried unplugging it for 10 minutes and powering it back on?
Not relevant to the internet connection but still important: change the default password for the router's browser-based administration, and if WLAN is involved, it should only be encrypted with WPA/WPA2 and a long key!



Copyright ©2000-2025, Trojaner-Board

