BOO/TDss.A found 3 times by the virus scanner

Hello everyone, lately I have been having some problems with my computer. It opens files with a delay, and very often I get a "blue screen", after which it shuts down and restarts. I also can no longer run automatic updates from Microsoft, and the automatic backup does not complete successfully. On top of that, the error message "Hostprozess für Windows.Dienste wurde beendet und geschlossen" appears quite often. I then ran a scan with my existing AntiVir and got the above-mentioned entry on each drive, along with the note that it cannot be removed. From what one can read, does that mean reinstalling the system? I am currently running a full scan of C with Malwarebytes. After that I also want to run a scan with OTL, as I read in another post, and post both logs here. That is, for now, what I have noticed is wrong with the computer. Oh yes, in Mozilla random pages simply get opened. Here is one log; I aborted it because I had selected all hard disks and the scan would then surely have taken a whole day.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5725

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

09.02.2011 23:56:30
mbam-log-2011-02-09 (23-56-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|H:\|)
Durchsuchte Objekte: 73626
Laufzeit: 16 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{ef34404a-747c-81d8-843a-d938e181273d} (Adware.BHO.FL) -> No action taken.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Oliver

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5725

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

10.02.2011 08:46:52
mbam-log-2011-02-10 (08-46-52).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 553106
Laufzeit: 3 Stunde(n), 39 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 7
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 12
Infizierte Dateien: 50

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\s_-j_2l (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistryDoktorNE (Rogue.RegistryDoktor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Registry_Doktor 2009_is1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8c484332-8128-2096-94a6-da812793d493} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c484332-8128-2096-94a6-da812793d493} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C484332-8128-2096-94A6-DA812793D493} (Adware.AdRotator) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\ComboBox (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1\definitions (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\flv direct player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\registry_doktor 4.1 (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\WINDOWS\System32\s_-j_2l.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
c:\program files\flv direct player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\dskinliteu.dll (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\flvplayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\player.dat (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button\button_default.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button\button_disable.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button\button_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button\button_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Button\button_normal.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\ComboBox\combobox_buttondown.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\ComboBox\combobox_buttonhot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\ComboBox\combobox_buttonnor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\ComboBox\edit_back.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu\menubg.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu\menuitem_arrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu\menuitem_check.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu\menuitem_select.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Menu\menuitem_seperator.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_close_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_close_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_close_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_max_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_max_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_max_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_min_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_min_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_min_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_restore_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_restore_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\sysbutton\sys_restore_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\bottomborder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\downarrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\leftborder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\main.ico (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\rightborder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\flv direct player\skindirectflv\skin\Window\titlepattern.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1\Task.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1\unins000.dat (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1\unins000.exe (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\program files\registry_doktor 4.1\definitions\200812.cab (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\flv direct player\flv direct player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\flv direct player\uninstall flv direct player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\registry_doktor 4.1\registry doktor 4.1 entfernen.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\registry_doktor 4.1\registry doktor 4.1.lnk (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.

And here is the second OTL logfile:
Code:
OTL logfile created on: 10.02.2011 08:51:40 - Run 2

Could someone perhaps just tell me briefly whether I have to reinstall the system? I no longer do banking etc.

Thank you all,
Oliver |
Are there any further logs from Malwarebytes? If so, please post all of them. You can find them in the "Logdateien" (log files) tab in Malwarebytes. |
At the moment the PC tells me that the program's dependency service cannot be started; I'll just restart. I had also scanned the other disks and the stick. How annoying this is.... back shortly.

EDIT:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5725

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

09.02.2011 23:56:37
mbam-log-2011-02-09 (23-56-37).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|H:\|)
Durchsuchte Objekte: 73626
Laufzeit: 16 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{ef34404a-747c-81d8-843a-d938e181273d} (Adware.BHO.FL) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

And one more

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5731

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

10.02.2011 19:30:56
mbam-log-2011-02-10 (19-30-56).txt

Art des Suchlaufs: Vollständiger Suchlauf (D:\|E:\|)
Durchsuchte Objekte: 331773
Laufzeit: 1 Stunde(n), 2 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5731

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

10.02.2011 14:55:46
mbam-log-2011-02-10 (14-55-46).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 185342
Laufzeit: 11 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Besitzer\downloads\pantsoff.exe (PUP.PSWFinder) -> Quarantined and deleted successfully. |
How do we proceed now? Or should I simply copy everything as it is and reinstall? I would be very grateful for an answer. Oliver |
Please first make a log with the Kaspersky TDSS tool; you are quite obviously a victim of TDSS, which infects the MBR => http://www.trojaner-board.de/82358-t...entfernen.html |
OK, will be done now.... |
2011/02/12 00:30:09.0700 1268 TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20
2011/02/12 00:30:11.0703 1268 ================================================================================
2011/02/12 00:30:11.0703 1268 SystemInfo:
2011/02/12 00:30:11.0703 1268
2011/02/12 00:30:11.0704 1268 OS Version: 6.0.6002 ServicePack: 2.0
2011/02/12 00:30:11.0704 1268 Product type: Workstation
2011/02/12 00:30:11.0704 1268 ComputerName: BESITZER-PC
2011/02/12 00:30:11.0704 1268 UserName: Besitzer
2011/02/12 00:30:11.0704 1268 Windows directory: C:\Windows
2011/02/12 00:30:11.0704 1268 System windows directory: C:\Windows
2011/02/12 00:30:11.0704 1268 Processor architecture: Intel x86
2011/02/12 00:30:11.0704 1268 Number of processors: 2
2011/02/12 00:30:11.0704 1268 Page size: 0x1000
2011/02/12 00:30:11.0705 1268 Boot type: Normal boot
2011/02/12 00:30:11.0705 1268 ================================================================================
2011/02/12 00:30:21.0042 1268 Initialize success
2011/02/12 00:30:28.0275 3016 ================================================================================
2011/02/12 00:30:28.0275 3016 Scan started
2011/02/12 00:30:28.0275 3016 Mode: Manual;
2011/02/12 00:30:28.0275 3016 ================================================================================
C:\Windows\system32\DRIVERS\HpqRemHid.sys 2011/02/12 00:30:41.0048 3016 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 2011/02/12 00:30:41.0172 3016 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 2011/02/12 00:30:41.0352 3016 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2011/02/12 00:30:41.0513 3016 hwdatacard (92ca47da32009ccc00a5aded04abbd78) C:\Windows\system32\DRIVERS\ewusbmdm.sys 2011/02/12 00:30:41.0718 3016 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 2011/02/12 00:30:41.0817 3016 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/02/12 00:30:42.0013 3016 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys 2011/02/12 00:30:42.0195 3016 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\DRIVERS\iaStor.sys 2011/02/12 00:30:42.0295 3016 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 2011/02/12 00:30:42.0444 3016 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/02/12 00:30:42.0671 3016 IntcAzAudAddService (9f5898ebd3bbe82eadf2efa595f02a72) C:\Windows\system32\drivers\RTKVHDA.sys 2011/02/12 00:30:42.0909 3016 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2011/02/12 00:30:42.0987 3016 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/02/12 00:30:43.0198 3016 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/02/12 00:30:43.0321 3016 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 2011/02/12 00:30:43.0456 3016 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/02/12 00:30:43.0548 3016 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/02/12 00:30:43.0709 3016 
isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 2011/02/12 00:30:43.0785 3016 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/02/12 00:30:43.0892 3016 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/02/12 00:30:43.0969 3016 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/02/12 00:30:44.0030 3016 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/02/12 00:30:44.0198 3016 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/02/12 00:30:44.0289 3016 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2011/02/12 00:30:44.0529 3016 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/02/12 00:30:44.0651 3016 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 2011/02/12 00:30:44.0702 3016 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 2011/02/12 00:30:44.0822 3016 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 2011/02/12 00:30:44.0900 3016 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/02/12 00:30:45.0031 3016 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 2011/02/12 00:30:45.0108 3016 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/02/12 00:30:45.0165 3016 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/02/12 00:30:45.0303 3016 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/02/12 00:30:45.0405 3016 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/02/12 00:30:45.0464 3016 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 
2011/02/12 00:30:45.0593 3016 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 2011/02/12 00:30:45.0764 3016 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/02/12 00:30:45.0943 3016 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/02/12 00:30:46.0242 3016 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2011/02/12 00:30:46.0524 3016 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/02/12 00:30:46.0673 3016 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/02/12 00:30:46.0868 3016 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/02/12 00:30:47.0072 3016 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys 2011/02/12 00:30:47.0193 3016 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 2011/02/12 00:30:47.0362 3016 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/02/12 00:30:47.0533 3016 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/02/12 00:30:47.0676 3016 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/02/12 00:30:47.0743 3016 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/02/12 00:30:47.0801 3016 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/02/12 00:30:47.0945 3016 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2011/02/12 00:30:48.0128 3016 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/02/12 00:30:48.0266 3016 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/02/12 00:30:48.0341 3016 Mup (6a57b5733d4cb702c8ea4542e836b96c) 
C:\Windows\system32\Drivers\mup.sys 2011/02/12 00:30:48.0504 3016 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2011/02/12 00:30:48.0637 3016 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2011/02/12 00:30:48.0801 3016 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/02/12 00:30:48.0960 3016 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/02/12 00:30:49.0117 3016 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/02/12 00:30:49.0200 3016 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/02/12 00:30:49.0371 3016 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/02/12 00:30:49.0443 3016 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2011/02/12 00:30:49.0691 3016 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys 2011/02/12 00:30:49.0916 3016 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys 2011/02/12 00:30:50.0223 3016 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys 2011/02/12 00:30:50.0384 3016 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/02/12 00:30:50.0487 3016 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2011/02/12 00:30:50.0658 3016 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/02/12 00:30:50.0797 3016 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2011/02/12 00:30:50.0978 3016 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/02/12 00:30:51.0129 3016 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/02/12 00:30:51.0549 3016 nvlddmkm 
(24000b817cc84ac1555f41929879af5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2011/02/12 00:30:52.0077 3016 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 2011/02/12 00:30:52.0252 3016 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 2011/02/12 00:30:52.0339 3016 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 2011/02/12 00:30:52.0487 3016 NWADI (aa62ba29ef342d805555196f46fcaa4e) C:\Windows\system32\DRIVERS\NWADIenum.sys 2011/02/12 00:30:52.0664 3016 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/02/12 00:30:52.0828 3016 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/02/12 00:30:52.0896 3016 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2011/02/12 00:30:52.0944 3016 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/02/12 00:30:53.0128 3016 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2011/02/12 00:30:53.0183 3016 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys 2011/02/12 00:30:53.0346 3016 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/02/12 00:30:53.0451 3016 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/02/12 00:30:53.0745 3016 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/02/12 00:30:53.0865 3016 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 2011/02/12 00:30:54.0061 3016 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2011/02/12 00:30:54.0237 3016 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 2011/02/12 00:30:54.0411 3016 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/02/12 
00:30:54.0547 3016 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/02/12 00:30:54.0706 3016 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/02/12 00:30:54.0837 3016 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/02/12 00:30:55.0023 3016 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/02/12 00:30:55.0110 3016 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2011/02/12 00:30:55.0237 3016 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2011/02/12 00:30:55.0330 3016 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/02/12 00:30:55.0461 3016 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 2011/02/12 00:30:55.0565 3016 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/02/12 00:30:55.0685 3016 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2011/02/12 00:30:55.0882 3016 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys 2011/02/12 00:30:55.0975 3016 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys 2011/02/12 00:30:56.0165 3016 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys 2011/02/12 00:30:56.0281 3016 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/02/12 00:30:56.0435 3016 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys 2011/02/12 00:30:56.0540 3016 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\Windows\system32\DRIVERS\s0016bus.sys 2011/02/12 00:30:56.0684 3016 s1018bus (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\Windows\system32\DRIVERS\s1018bus.sys 2011/02/12 00:30:56.0807 3016 s1018mdfl (38f5ea219593f19b6b3a1b9c169e3b61) 
C:\Windows\system32\DRIVERS\s1018mdfl.sys 2011/02/12 00:30:56.0914 3016 s1018mdm (666af6b64fc7df92d3ca4819ea91631d) C:\Windows\system32\DRIVERS\s1018mdm.sys 2011/02/12 00:30:57.0029 3016 s1018mgmt (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\Windows\system32\DRIVERS\s1018mgmt.sys 2011/02/12 00:30:57.0166 3016 s1018nd5 (3622d9ff2253dcbe885b10736609a4ca) C:\Windows\system32\DRIVERS\s1018nd5.sys 2011/02/12 00:30:57.0264 3016 s1018obex (49431efda842b474531c29ffae9f5d09) C:\Windows\system32\DRIVERS\s1018obex.sys 2011/02/12 00:30:57.0333 3016 s1018unic (ac6b514cb4474f4c867d7cdc9cd54f05) C:\Windows\system32\DRIVERS\s1018unic.sys 2011/02/12 00:30:57.0478 3016 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/02/12 00:30:57.0731 3016 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 2011/02/12 00:30:57.0918 3016 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/02/12 00:30:58.0057 3016 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys 2011/02/12 00:30:58.0211 3016 Ser2pl (cb3e852b818946f396e35a976ee6b552) C:\Windows\system32\DRIVERS\ser2pl.sys 2011/02/12 00:30:58.0318 3016 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys 2011/02/12 00:30:58.0473 3016 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/02/12 00:30:58.0556 3016 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\DRIVERS\sermouse.sys 2011/02/12 00:30:58.0730 3016 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys 2011/02/12 00:30:58.0792 3016 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 2011/02/12 00:30:58.0935 3016 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys 2011/02/12 00:30:59.0050 3016 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/02/12 00:30:59.0204 
3016 silabenm (c16173316918a1360dc22947c4ff6352) C:\Windows\system32\DRIVERS\silabenm.sys 2011/02/12 00:30:59.0287 3016 silabser (1be2ced35fb9f377bda14fc035691f38) C:\Windows\system32\DRIVERS\silabser.sys 2011/02/12 00:30:59.0447 3016 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 2011/02/12 00:30:59.0535 3016 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 2011/02/12 00:30:59.0684 3016 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 2011/02/12 00:30:59.0809 3016 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/02/12 00:30:59.0947 3016 smserial (63b3b77bdb67ee674771c0e6fb96da9e) C:\Windows\system32\DRIVERS\smserial.sys 2011/02/12 00:31:00.0175 3016 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/02/12 00:31:00.0362 3016 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys 2011/02/12 00:31:00.0424 3016 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys 2011/02/12 00:31:00.0555 3016 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys 2011/02/12 00:31:00.0766 3016 ssmdrv (5ec550b8952882ee856b862cf648522d) C:\Windows\system32\DRIVERS\ssmdrv.sys 2011/02/12 00:31:01.0006 3016 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/02/12 00:31:01.0072 3016 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/02/12 00:31:01.0289 3016 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/02/12 00:31:01.0343 3016 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/02/12 00:31:01.0475 3016 SynTP (f5d926807bd9bc0af68f9376144de425) C:\Windows\system32\DRIVERS\SynTP.sys 2011/02/12 00:31:01.0743 3016 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2011/02/12 00:31:01.0931 
3016 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2011/02/12 00:31:02.0079 3016 tcpipBM (dcfeb82ca988598ceb8f83148616038e) C:\Windows\system32\drivers\tcpipBM.sys 2011/02/12 00:31:02.0158 3016 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2011/02/12 00:31:02.0281 3016 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/02/12 00:31:02.0339 3016 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/02/12 00:31:02.0410 3016 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/02/12 00:31:02.0534 3016 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/02/12 00:31:02.0678 3016 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/02/12 00:31:02.0830 3016 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/02/12 00:31:02.0964 3016 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/02/12 00:31:03.0064 3016 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 2011/02/12 00:31:03.0267 3016 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/02/12 00:31:03.0391 3016 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 2011/02/12 00:31:03.0565 3016 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 2011/02/12 00:31:03.0651 3016 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/02/12 00:31:03.0817 3016 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/02/12 00:31:03.0925 3016 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/02/12 00:31:04.0080 3016 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/02/12 
00:31:04.0227 3016 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/02/12 00:31:04.0360 3016 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/02/12 00:31:04.0464 3016 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/02/12 00:31:04.0524 3016 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/02/12 00:31:04.0622 3016 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2011/02/12 00:31:04.0720 3016 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/02/12 00:31:04.0853 3016 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/02/12 00:31:04.0948 3016 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2011/02/12 00:31:05.0106 3016 usb_rndisx (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys 2011/02/12 00:31:05.0250 3016 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/02/12 00:31:05.0385 3016 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/02/12 00:31:05.0519 3016 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 2011/02/12 00:31:05.0599 3016 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 2011/02/12 00:31:05.0685 3016 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys 2011/02/12 00:31:05.0749 3016 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/02/12 00:31:05.0864 3016 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/02/12 00:31:05.0979 3016 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/02/12 00:31:06.0113 3016 vsmraid (d984439746d42b30fc65a4c3546c6829) 
2011/02/12 00:31:08.0498 3016 \HardDisk1 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/02/12 00:31:08.0536 3016 ================================================================================
2011/02/12 00:31:08.0536 3016 Scan finished
2011/02/12 00:31:08.0536 3016 ================================================================================
2011/02/12 00:31:08.0565 3616 Detected object count: 1
2011/02/12 00:31:20.0861 3616 \HardDisk1 - will be cured after reboot
2011/02/12 00:31:20.0863 3616 Rootkit.Win32.TDSS.tdl4(\HardDisk1) - User select action: Cure
2011/02/12 00:31:43.0320 3108 Deinitialize success
Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
:OTL

The log file should open when you click OK after the fix; please post it. The computer may be restarted.
All processes killed
========== OTL ==========
ADS C:\Users\Besitzer\Documents\AW_ gewinde.eml:OECustomProperty deleted successfully.
ADS C:\Users\Besitzer\Documents\Re_ gewinde.eml:OECustomProperty deleted successfully.
Unable to delete ADS C:\Users\Besitzer\Documents\ogrevani_sedezi_www.planetbossi.ch.mpeg:TOC.WMV .
Unable to delete ADS C:\Users\Besitzer\Documents\NEW.avi:TOC.WMV .
Unable to delete ADS C:\Users\Besitzer\Documents\neuerSpannungsprüfer.mpg:TOC.WMV .
Unable to delete ADS C:\Users\Besitzer\Documents\BegehbarerSchrank.avi:TOC.WMV .
File C:\Windows\System32\drivers\rxqkubtm.sys not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File C:\autoexec.bat not found.
File E:\AUTOMODE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{935bcea8-8e67-11de-ae73-00038a000015}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{935bcea8-8e67-11de-ae73-00038a000015}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{935bceaa-8e67-11de-ae73-00038a000015}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{935bceaa-8e67-11de-ae73-00038a000015}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{935bceaa-8e67-11de-ae73-00038a000015}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{935bceaa-8e67-11de-ae73-00038a000015}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94b0b353-2228-11df-9dac-df4f4eb54d13}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94b0b353-2228-11df-9dac-df4f4eb54d13}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94b0b353-2228-11df-9dac-df4f4eb54d13}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94b0b353-2228-11df-9dac-df4f4eb54d13}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99dbb6fc-0ce1-11df-838c-aa8086c020a9}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99dbb6fc-0ce1-11df-838c-aa8086c020a9}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99dbb6fc-0ce1-11df-838c-aa8086c020a9}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99dbb6fc-0ce1-11df-838c-aa8086c020a9}\ not found. File F:\AutoRun.exe not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a212d73d-9b2b-11de-b014-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a212d73d-9b2b-11de-b014-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a212d73d-9b2b-11de-b014-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a212d73d-9b2b-11de-b014-806e6f6e6963}\ not found. File H:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a212d79e-9b2b-11de-b014-ed454fea280e}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a212d79e-9b2b-11de-b014-ed454fea280e}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a212d79e-9b2b-11de-b014-ed454fea280e}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a212d79e-9b2b-11de-b014-ed454fea280e}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab491527-9b22-11de-9cbd-8ab1279669e5}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ab491527-9b22-11de-9cbd-8ab1279669e5}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab491527-9b22-11de-9cbd-8ab1279669e5}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ab491527-9b22-11de-9cbd-8ab1279669e5}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac74a77e-9b12-11de-8957-a74aed332be2}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ac74a77e-9b12-11de-8957-a74aed332be2}\ not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac74a77e-9b12-11de-8957-a74aed332be2}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ac74a77e-9b12-11de-8957-a74aed332be2}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac74a797-9b12-11de-8957-a74aed332be2}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ac74a797-9b12-11de-8957-a74aed332be2}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac74a797-9b12-11de-8957-a74aed332be2}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ac74a797-9b12-11de-8957-a74aed332be2}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d002cff5-0e7a-11df-b623-9768c52e6d42}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d002cff5-0e7a-11df-b623-9768c52e6d42}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d002cff5-0e7a-11df-b623-9768c52e6d42}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d002cff5-0e7a-11df-b623-9768c52e6d42}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d1e844ee-c673-11de-93be-9cfa62bfa2dc}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d1e844ee-c673-11de-93be-9cfa62bfa2dc}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d1e844ee-c673-11de-93be-9cfa62bfa2dc}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d1e844ee-c673-11de-93be-9cfa62bfa2dc}\ not found. File F:\AutoRun.exe not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d1e844f0-c673-11de-93be-9cfa62bfa2dc}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d1e844f0-c673-11de-93be-9cfa62bfa2dc}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d1e844f0-c673-11de-93be-9cfa62bfa2dc}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d1e844f0-c673-11de-93be-9cfa62bfa2dc}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de3fc79f-d172-11de-827b-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de3fc79f-d172-11de-827b-806e6f6e6963}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de3fc79f-d172-11de-827b-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de3fc79f-d172-11de-827b-806e6f6e6963}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de3fc7ff-d172-11de-827b-9fdd660c7dc5}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de3fc7ff-d172-11de-827b-9fdd660c7dc5}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de3fc7ff-d172-11de-827b-9fdd660c7dc5}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{de3fc7ff-d172-11de-827b-9fdd660c7dc5}\ not found. File F:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed3e6600-16e4-11df-81ad-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ed3e6600-16e4-11df-81ad-806e6f6e6963}\ not found. 
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed3e6600-16e4-11df-81ad-806e6f6e6963}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ed3e6600-16e4-11df-81ad-806e6f6e6963}\ not found. File K:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f73f18d6-76a2-11de-9dfe-e908ffce8612}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f73f18d6-76a2-11de-9dfe-e908ffce8612}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f73f18d6-76a2-11de-9dfe-e908ffce8612}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f73f18d6-76a2-11de-9dfe-e908ffce8612}\ not found. File G:\AutoRun.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found. File G:\AutoRun.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DW6 not found. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. 
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Besitzer
->Temp folder emptied: 192933 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 8842205 bytes
->Flash cache emptied: 37 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: xxxx
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: xxxx
->Flash cache emptied: 0 bytes
User: xxxx
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 1163105681 bytes
Total Files Cleaned = 1.118,00 mb
OTL by OldTimer - Version 3.2.20.6 log created on 02122011_105717
Files\Folders moved on Reboot...
Registry entries deleted on Reboot... |
Then please run CF now: ComboFix - A guide and tutorial on using ComboFix
http://saved.im/mtm0nzyzmzd5/cofi.jpg
ComboFix may only be run when a Kompetenzler (qualified forum helper) has expressly recommended it! |
Combofix Logfile: Code: ComboFix 11-02-11.02 - Besitzer 12.02.2011 12:17:50.1.2 - x86
Also ran CCleaner. |
Ok. Please now create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip the online check in OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or similar. After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
|
OSAM Logfile: Code: Report of OSAM: Autorun Manager v5.0.11926.0 If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows Vista Home Premium Edition Windows Information: Service Pack 2 (build 6002), 32-bit Base Board Manufacturer: Quanta BIOS Manufacturer: Hewlett-Packard System Manufacturer: Hewlett-Packard System Product Name: HP Pavilion dv9700 Notebook PC Logical Drives Mask: 0x000000fc Kernel Drivers (total 160): 0x8264C000 \SystemRoot\system32\ntkrnlpa.exe 0x82619000 \SystemRoot\system32\hal.dll 0x8060D000 \SystemRoot\system32\kdcom.dll 0x80614000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x80684000 \SystemRoot\system32\PSHED.dll 0x80695000 \SystemRoot\system32\BOOTVID.dll 0x8069D000 \SystemRoot\system32\CLFS.SYS 0x806DE000 \SystemRoot\system32\CI.dll 0x8A802000 \SystemRoot\system32\drivers\Wdf01000.sys 0x8A87E000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x8A88B000 \SystemRoot\system32\drivers\acpi.sys 0x8A8D1000 \SystemRoot\system32\drivers\WMILIB.SYS 0x8A8DA000 \SystemRoot\system32\drivers\msisadrv.sys 0x8A8E2000 \SystemRoot\system32\drivers\pci.sys 0x8A909000 \SystemRoot\System32\drivers\partmgr.sys 0x8A918000 \SystemRoot\system32\DRIVERS\compbatt.sys 0x8A91B000 \SystemRoot\system32\DRIVERS\BATTC.SYS 0x8A925000 \SystemRoot\system32\drivers\volmgr.sys 0x8A934000 \SystemRoot\System32\drivers\volmgrx.sys 0x8A97E000 \SystemRoot\system32\drivers\intelide.sys 0x8A985000 \SystemRoot\system32\drivers\PCIIDEX.SYS 0x8A993000 \SystemRoot\System32\drivers\mountmgr.sys 0x8AA0D000 \SystemRoot\system32\DRIVERS\iaStor.sys 0x8AAD4000 \SystemRoot\system32\drivers\atapi.sys 0x8AADC000 \SystemRoot\system32\drivers\ataport.SYS 0x8AAFA000 \SystemRoot\system32\drivers\msahci.sys 0x8AB03000 \SystemRoot\system32\drivers\fltmgr.sys 0x8AB35000 \SystemRoot\system32\drivers\fileinfo.sys 0x8AB45000 \SystemRoot\System32\Drivers\ksecdd.sys 0x8AC09000 \SystemRoot\system32\drivers\ndis.sys 0x8AD14000 \SystemRoot\system32\drivers\msrpc.sys 0x8AD3F000 \SystemRoot\system32\drivers\NETIO.SYS 0x8AE00000 
\SystemRoot\System32\drivers\tcpip.sys 0x8AEEA000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x8B009000 \SystemRoot\System32\Drivers\Ntfs.sys 0x8B119000 \SystemRoot\system32\drivers\volsnap.sys 0x8B152000 \SystemRoot\System32\Drivers\spldr.sys 0x8B15A000 \SystemRoot\System32\Drivers\mup.sys 0x8B169000 \SystemRoot\System32\drivers\ecache.sys 0x8B190000 \SystemRoot\system32\drivers\disk.sys 0x8B1A1000 \SystemRoot\system32\drivers\CLASSPNP.SYS 0x8B1C2000 \SystemRoot\system32\drivers\crcdisk.sys 0x8B1CB000 \SystemRoot\system32\drivers\BMLoad.sys 0x8B1DE000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x8B1E9000 \SystemRoot\system32\DRIVERS\tunmp.sys 0x8B1F2000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0x8B1F6000 \SystemRoot\system32\DRIVERS\wmiacpi.sys 0x8AFCC000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x91006000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys 0x91977000 \SystemRoot\system32\DRIVERS\nvBridge.kmd 0x91E0A000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x91EAB000 \SystemRoot\System32\drivers\watchdog.sys 0x91EB7000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0x91EC2000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x91F00000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x91F0F000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x9200F000 \SystemRoot\system32\DRIVERS\NETw5v32.sys 0x92398000 \SystemRoot\system32\DRIVERS\Rtlh86.sys 0x923B4000 \SystemRoot\system32\DRIVERS\ohci1394.sys 0x923C4000 \SystemRoot\system32\DRIVERS\1394BUS.SYS 0x923D2000 \SystemRoot\system32\DRIVERS\sdbus.sys 0x923EC000 \SystemRoot\system32\DRIVERS\rimmptsk.sys 0x91F9C000 \SystemRoot\system32\DRIVERS\rimsptsk.sys 0x91979000 \SystemRoot\system32\DRIVERS\rixdptsk.sys 0x923FB000 \SystemRoot\system32\DRIVERS\HpqRemHid.sys 0x91FB0000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS 0x92000000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0x91FC0000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x92007000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys 0x91FD3000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x919CA000 
\SystemRoot\system32\DRIVERS\SynTP.sys 0x9200C000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x91FDE000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x8AFDB000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x91FE9000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys 0x8AD7A000 \SystemRoot\system32\DRIVERS\msiscsi.sys 0x8ADA9000 \SystemRoot\system32\DRIVERS\storport.sys 0x91FEF000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x8ABB6000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x8AFF3000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x8ABCD000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x8ADEA000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x8A9A3000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x8A9B7000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x91FFA000 \SystemRoot\system32\DRIVERS\wanatw4.sys 0x8ABF0000 \SystemRoot\system32\DRIVERS\termdd.sys 0x91E00000 \SystemRoot\system32\DRIVERS\seehcri.sys 0x923FD000 \SystemRoot\system32\DRIVERS\swenum.sys 0x8A9CC000 \SystemRoot\system32\DRIVERS\ks.sys 0x807BE000 \SystemRoot\system32\DRIVERS\NWADIenum.sys 0x8AA00000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x807E9000 \SystemRoot\system32\DRIVERS\umbus.sys 0x92804000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x92839000 \SystemRoot\system32\DRIVERS\sffp_sd.sys 0x92841000 \SystemRoot\system32\DRIVERS\sffdisk.sys 0x9284A000 \SystemRoot\system32\DRIVERS\kbdhid.sys 0x92853000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x92A0E000 \SystemRoot\system32\drivers\RTKVHDA.sys 0x92864000 \SystemRoot\system32\drivers\portcls.sys 0x92891000 \SystemRoot\system32\drivers\drmk.sys 0x928B6000 \SystemRoot\system32\DRIVERS\smserial.sys 0x92BE9000 \SystemRoot\system32\drivers\modem.sys 0x929A7000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS 0x929BC000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0x929D3000 \SystemRoot\System32\Drivers\usbvideo.sys 0x92BF6000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0x92A00000 \SystemRoot\System32\Drivers\Null.SYS 0x92A07000 \SystemRoot\System32\Drivers\Beep.SYS 0x929F4000 \SystemRoot\System32\drivers\vga.sys 
0x92E0A000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x92E2B000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x92E33000 \SystemRoot\system32\drivers\rdpencdd.sys 0x92E3B000 \SystemRoot\System32\Drivers\Msfs.SYS 0x92E46000 \SystemRoot\System32\Drivers\Npfs.SYS 0x92E54000 \SystemRoot\System32\DRIVERS\rasacd.sys 0x92E5D000 \SystemRoot\system32\DRIVERS\tdx.sys 0x92E73000 \SystemRoot\System32\Drivers\tcpipBM.SYS 0x92E78000 \SystemRoot\system32\DRIVERS\smb.sys 0x92E8C000 \SystemRoot\System32\DRIVERS\netbt.sys 0x92EBE000 \SystemRoot\system32\drivers\afd.sys 0x92F06000 \SystemRoot\system32\DRIVERS\pacer.sys 0x92F1C000 \SystemRoot\system32\DRIVERS\netbios.sys 0x92F2A000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x92F3D000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x92F79000 \SystemRoot\system32\drivers\nsiproxy.sys 0x92F89000 \SystemRoot\System32\Drivers\dfsc.sys 0x92FA0000 \SystemRoot\System32\Drivers\fastfat.SYS 0x92FC8000 \SystemRoot\System32\Drivers\crashdmp.sys 0x8AF05000 \SystemRoot\System32\Drivers\dump_iaStor.sys 0x946A0000 \SystemRoot\System32\win32k.sys 0x92FD5000 \SystemRoot\System32\drivers\Dxapi.sys 0x92FDF000 \SystemRoot\system32\DRIVERS\monitor.sys 0x948C0000 \SystemRoot\System32\TSDDD.dll 0x948E0000 \SystemRoot\System32\cdd.dll 0x82208000 \SystemRoot\system32\drivers\luafv.sys 0x8222B000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x8223B000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x82265000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x8226F000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x82282000 \SystemRoot\system32\drivers\spsys.sys 0x82332000 \SystemRoot\system32\drivers\HTTP.sys 0x8239F000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x823BC000 \SystemRoot\system32\DRIVERS\bowser.sys 0x823D5000 \SystemRoot\System32\drivers\mpsdrv.sys 0xA0204000 \SystemRoot\system32\drivers\mrxdav.sys 0xA0225000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0xA0244000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0xA027D000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0xA0295000 
\SystemRoot\System32\DRIVERS\srv2.sys 0xA02BD000 \SystemRoot\System32\DRIVERS\srv.sys 0xA030B000 \SystemRoot\system32\drivers\peauth.sys 0xA03E9000 \SystemRoot\System32\Drivers\secdrv.SYS 0xA03F3000 \SystemRoot\System32\drivers\tcpipreg.sys 0x823EA000 \SystemRoot\system32\DRIVERS\WUDFRd.sys 0x92FEE000 \SystemRoot\system32\DRIVERS\WUDFPf.sys 0xA2E05000 \??\C:\Program Files\HP\QuickPlay\000.fcl 0xA2E22000 \SystemRoot\system32\DRIVERS\ipnat.sys 0xA2E4A000 \SystemRoot\system32\DRIVERS\cdfs.sys 0xA2E62000 \??\C:\Users\Besitzer\AppData\Local\Temp\fwriikod.sys 0x77A70000 \WINDOWS\System32\ntdll.dll Processes (total 94): 0 System Idle Process 4 System 480 C:\WINDOWS\System32\smss.exe 612 csrss.exe 664 C:\WINDOWS\System32\wininit.exe 676 csrss.exe 708 C:\WINDOWS\System32\services.exe 720 C:\WINDOWS\System32\lsass.exe 732 C:\WINDOWS\System32\lsm.exe 820 C:\WINDOWS\System32\winlogon.exe 916 C:\WINDOWS\System32\svchost.exe 960 C:\WINDOWS\System32\nvvsvc.exe 996 C:\WINDOWS\System32\svchost.exe 1036 C:\WINDOWS\System32\svchost.exe 1088 C:\WINDOWS\System32\svchost.exe 1120 C:\WINDOWS\System32\svchost.exe 1148 C:\WINDOWS\System32\svchost.exe 1212 C:\WINDOWS\System32\audiodg.exe 1232 C:\WINDOWS\System32\svchost.exe 1248 C:\WINDOWS\System32\SLsvc.exe 1360 C:\WINDOWS\System32\svchost.exe 1380 C:\WINDOWS\System32\svchost.exe 1580 C:\WINDOWS\System32\spoolsv.exe 1608 C:\WINDOWS\System32\svchost.exe 1804 C:\Program Files\Common Files\aol\acs\AOLacsd.exe 1816 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1832 C:\Program Files\Bonjour\mDNSResponder.exe 1856 C:\WINDOWS\System32\svchost.exe 1900 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe 124 C:\ElsaWin\bin\LcSvrHis.exe 228 C:\ElsaWin\bin\LcSvrPas.exe 356 C:\ElsaWin\bin\LcSvrSaz.exe 500 C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe 660 C:\WINDOWS\System32\IoctlSvc.exe 472 C:\WINDOWS\System32\svchost.exe 1060 C:\Program 
Files\Hp\QuickPlay\Kernel\TV\QPCapSvc.exe 1616 C:\Program Files\CyberLink\Shared Files\RichVideo.exe 680 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2080 C:\WINDOWS\System32\svchost.exe 2112 C:\ElsaWin\bin\VSGate.exe 2164 C:\WINDOWS\System32\svchost.exe 2192 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE 2236 C:\WINDOWS\System32\SearchIndexer.exe 2284 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe 2344 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe 2404 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 2760 C:\WINDOWS\System32\taskeng.exe 2788 WUDFHost.exe 2868 C:\Program Files\Hp\QuickPlay\Kernel\TV\QPSched.exe 2920 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE 3040 C:\WINDOWS\System32\nvvsvc.exe 3208 C:\WINDOWS\System32\alg.exe 3668 C:\WINDOWS\System32\dwm.exe 3696 C:\WINDOWS\System32\taskeng.exe 3724 C:\WINDOWS\explorer.exe 2648 C:\Program Files\Synaptics\SynTP\SynTPStart.exe 2704 C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe 2708 C:\WINDOWS\RtHDVCpl.exe 880 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 2856 C:\Program Files\Hp\QuickPlay\QPService.exe 836 C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe 1316 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe 1356 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe 2552 C:\Program Files\Common Files\aol\1231093279\ee\aolsoftware.exe 2528 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2748 C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe 2852 C:\Program Files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe 3280 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 1104 C:\WINDOWS\WindowsMobile\wmdc.exe 3108 C:\Program Files\Common Files\Java\Java Update\jusched.exe 3976 C:\WINDOWS\System32\wbem\unsecapp.exe 3908 WmiPrvSE.exe 2232 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe 2440 C:\WINDOWS\System32\svchost.exe 3052 C:\Program 
Files\Common Files\Ahead\Lib\NMBgMonitor.exe
3304 C:\Program Files\Windows Media Player\wmpnscfg.exe
3128 C:\WINDOWS\System32\mobsync.exe
4224 C:\Program Files\Windows Media Player\wmpnetwk.exe
4336 C:\Program Files\Mozilla Firefox\firefox.exe
4392 C:\Users\Besitzer\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
4952 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
4996 C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
5584 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
6060 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
3800 C:\WINDOWS\System32\taskeng.exe
4216 C:\WINDOWS\System32\sdclt.exe
3836 C:\WINDOWS\System32\svchost.exe
4156 C:\Users\Besitzer\Downloads\osam_autorun_manager_5_0_portable\osam.exe
2436 C:\WINDOWS\System32\conime.exe
4712 C:\WINDOWS\System32\SearchProtocolHost.exe
5836 C:\WINDOWS\System32\SearchFilterHost.exe
5484 dllhost.exe
2936 dllhost.exe
2676 C:\Users\Besitzer\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000037`4d611a00 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS542525K9SA00, Rev: BBFOC32P
PhysicalDrive1 Model Number: HitachiHTS542525K9SA00, Rev: BBFOC32P

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: D94F393960D1CD66C2071F2D7260A5196DF105AC
232 GB \\.\PhysicalDrive1 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A

Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice:
Done! |
GMER wouldn't run? Quote:
Before we fix that manually, please first run Kaspersky's TDSS tool over it => http://www.trojaner-board.de/82358-t...entfernen.html |
Copyright ©2000-2025, Trojaner-Board