Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Pests of all kinds and how to fight them (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Fighting music playing in the desktop background (https://www.trojaner-board.de/89153-kampf-musik-desktop-hintergrund.html)

Svensen89 07.08.2010 19:01

GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover
Rootkit scan 2010-08-07 20:00:27
Windows 6.1.7600
Running: mzoerpbu.exe; Driver: C:\Users\user\AppData\Local\Temp\kwddypog.sys


---- System - GMER 1.0.15 ----

SSDT 80775F3C ZwCreateThread
SSDT 80775F28 ZwOpenProcess
SSDT 80775F2D ZwOpenThread
SSDT 80775F37 ZwTerminateProcess

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302CAF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302C104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302C3F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 830152D8
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83014898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302C1DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302C958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302C6F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302CF2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302D1A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwSaveKeyEx + 13B1 8307E8E9 1 Byte [06]
.text ntoskrnl.exe!KiDispatchInterrupt + 5A2 8309E3D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntoskrnl.exe!KeRemoveQueueEx + 14C3 830A5790 4 Bytes [3C, 5F, 77, 80] {CMP AL, 0x5f; JA 0xffffffffffffff84}
.text ntoskrnl.exe!KeRemoveQueueEx + 165F 830A592C 4 Bytes [28, 5F, 77, 80]
.text ntoskrnl.exe!KeRemoveQueueEx + 167F 830A594C 4 Bytes [2D, 5F, 77, 80]
.text ntoskrnl.exe!KeRemoveQueueEx + 192F 830A5BFC 4 Bytes [37, 5F, 77, 80] {AAA ; POP EDI; JA 0xffffffffffffff84}
.text C:\Windows\system32\drivers\ACEDRV05.sys section is writeable [0x8CEED000, 0x30A4A, 0xE8000020]
.pklstb C:\Windows\system32\drivers\ACEDRV05.sys entry point in ".pklstb" section [0x8CF2F000]
.relo2 C:\Windows\system32\drivers\ACEDRV05.sys unknown last section [0x8CF4A000, 0x8E, 0x42000040]
.text C:\Windows\system32\drivers\SSHDRV76.sys section is writeable [0x8CF4C000, 0x16204, 0xE8000020]
.pklstb C:\Windows\system32\drivers\SSHDRV76.sys entry point in ".pklstb" section [0x8CF6A000]
.relo2 C:\Windows\system32\drivers\SSHDRV76.sys unknown last section [0x8CF7A000, 0x86, 0x42000040]
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xA0567300, 0x3B6D8, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xA05AA300, 0x1BEE, 0xE8000020]
.text peauth.sys A05B4C9D 28 Bytes [D5, D8, 75, F4, A8, 45, 64, ...]
.text peauth.sys A05B4CC1 28 Bytes [D5, D8, 75, F4, A8, 45, 64, ...]
PAGE peauth.sys A05BAE20 101 Bytes [0B, 68, 06, 2F, FE, CE, B5, ...]
PAGE peauth.sys A05BB02C 102 Bytes [56, BA, 3F, 27, D8, EA, 28, ...]

---- User code sections - GMER 1.0.15 ----

.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtCreateFile + 6 77814A36 4 Bytes [28, 00, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtCreateFile + B 77814A3B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenFile + 6 77815146 4 Bytes [68, 00, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenFile + B 7781514B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcess + 6 778151F6 4 Bytes [A8, 01, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcess + B 778151FB 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcessToken + 6 77815206 4 Bytes CALL 7681580C C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcessToken + B 7781520B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcessTokenEx + 6 77815216 4 Bytes [A8, 02, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenProcessTokenEx + B 7781521B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThread + 6 77815276 4 Bytes [68, 01, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThread + B 7781527B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThreadToken + 6 77815286 4 Bytes [68, 02, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThreadToken + B 7781528B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThreadTokenEx + 6 77815296 4 Bytes CALL 7681589D C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtOpenThreadTokenEx + B 7781529B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtQueryAttributesFile + 6 778153A6 4 Bytes [A8, 00, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtQueryAttributesFile + B 778153AB 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtQueryFullAttributesFile + 6 77815456 4 Bytes CALL 76815A5B C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtQueryFullAttributesFile + B 7781545B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtSetInformationFile + 6 77815AA6 4 Bytes [28, 01, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtSetInformationFile + B 77815AAB 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtSetInformationThread + 6 77815B06 4 Bytes [28, 02, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[744] ntdll.dll!NtSetInformationThread + B 77815B0B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtCreateFile + 6 77814A36 4 Bytes [28, 00, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtCreateFile + B 77814A3B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenFile + 6 77815146 4 Bytes [68, 00, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenFile + B 7781514B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenProcess + 6 778151F6 4 Bytes [A8, 01, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenProcess + B 778151FB 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenProcessToken + 6 77815206 4 Bytes CALL 7681580C C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenProcessToken + B 7781520B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenProcessTokenEx + 6 77815216 4 Bytes [A8, 02, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenProcessTokenEx + B 7781521B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenThread + 6 77815276 4 Bytes [68, 01, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenThread + B 7781527B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenThreadToken + 6 77815286 4 Bytes [68, 02, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenThreadToken + B 7781528B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenThreadTokenEx + 6 77815296 4 Bytes CALL 7681589D C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtOpenThreadTokenEx + B 7781529B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtQueryAttributesFile + 6 778153A6 4 Bytes [A8, 00, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtQueryAttributesFile + B 778153AB 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtQueryFullAttributesFile + 6 77815456 4 Bytes CALL 76815A5B C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtQueryFullAttributesFile + B 7781545B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtSetInformationFile + 6 77815AA6 4 Bytes [28, 01, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtSetInformationFile + B 77815AAB 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtSetInformationThread + 6 77815B06 4 Bytes [28, 02, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[4044] ntdll.dll!NtSetInformationThread + B 77815B0B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtCreateFile + 6 77814A36 4 Bytes [28, 00, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtCreateFile + B 77814A3B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenFile + 6 77815146 4 Bytes [68, 00, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenFile + B 7781514B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenProcess + 6 778151F6 4 Bytes [A8, 01, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenProcess + B 778151FB 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenProcessToken + 6 77815206 4 Bytes CALL 7681580C C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenProcessToken + B 7781520B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenProcessTokenEx + 6 77815216 4 Bytes [A8, 02, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenProcessTokenEx + B 7781521B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenThread + 6 77815276 4 Bytes [68, 01, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenThread + B 7781527B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenThreadToken + 6 77815286 4 Bytes [68, 02, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenThreadToken + B 7781528B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenThreadTokenEx + 6 77815296 4 Bytes CALL 7681589D C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtOpenThreadTokenEx + B 7781529B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtQueryAttributesFile + 6 778153A6 4 Bytes [A8, 00, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtQueryAttributesFile + B 778153AB 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtQueryFullAttributesFile + 6 77815456 4 Bytes CALL 76815A5B C:\Windows\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation)
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtQueryFullAttributesFile + B 7781545B 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtSetInformationFile + 6 77815AA6 4 Bytes [28, 01, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtSetInformationFile + B 77815AAB 1 Byte [E2]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtSetInformationThread + 6 77815B06 4 Bytes [28, 02, 06, 00]
.text C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe[5308] ntdll.dll!NtSetInformationThread + B 77815B0B 1 Byte [E2]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\00000058 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\BTHPORT
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\HidBth
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\0001
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\0001@BackupContext 0x02 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\0001@COD Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\0001@Scans Before Out of Range 8
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\0001@SCO Max Channels 2
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\0001@Store Link Key COD Masks 0x00 0x00 0x1F 0x43 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\0001@SymbolicLinkName \??\USB#VID_0A12&PID_0001#5&34e08004&0&2#{0850302a-b344-4fda-9be9-90576b8d46f0}
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\0001@SymbolicName \??\USB#VID_0A12&PID_0001#5&34e08004&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings\0001@Write Scan Enable 2
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xA0 0x4D 0x75 0x70 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xC5 0x9C 0xEF 0xF3 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x10 0x1B 0xCD 0x77 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x42 0xBF 0x14 0xD6 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\BTHPORT (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\HidBth (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\0001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\0001@BackupContext 0x02 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\0001@COD Type 1
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\0001@Scans Before Out of Range 8
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\0001@SCO Max Channels 2
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\0001@Store Link Key COD Masks 0x00 0x00 0x1F 0x43 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\0001@SymbolicLinkName \??\USB#VID_0A12&PID_0001#5&34e08004&0&2#{0850302a-b344-4fda-9be9-90576b8d46f0}
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\0001@SymbolicName \??\USB#VID_0A12&PID_0001#5&34e08004&0&2#{a5dcbf10-6530-11d2-901f-00c04fb951ed}
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings\0001@Write Scan Enable 2
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xA0 0x4D 0x75 0x70 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xC5 0x9C 0xEF 0xF3 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x10 0x1B 0xCD 0x77 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x42 0xBF 0x14 0xD6 ...
Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{D886BAC7-5194-11DD-9464-806E6F6E6963} 7141876640
Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{5885E366-A224-11DF-9B8B-806E6F6E6963} 48380280

---- EOF - GMER 1.0.15 ----

cosinus 08.08.2010 11:08

This looks OK too. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before scanning!!
