Hive Cluster\49600\Megalomon_swarm

cosinus · 11.06.2011, 01:17

Dann beende das mal. Starte Windows danach neu, lösch die alte cofi.exe, lade CF neu als cofi.exe runter und probier es bitte nochmal.

megalomon · 11.06.2011, 02:15

Und hier Combofix log:

Combofix Logfile:

Code:

ATTFilter

ComboFix 11-06-10.09 - Megalomon 11.06.2011   2:40.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4063.2487 [GMT 2:00]
ausgeführt von:: c:\users\Megalomon\Desktop\Cofi.exe
AV: Norton 360 Online *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 Online *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 Online *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Images
c:\users\Megalomon\Documents\mspaint.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-05-11 bis 2011-06-11  ))))))))))))))))))))))))))))))
.
.
2011-06-11 00:48 . 2011-06-11 00:48	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2011-06-11 00:48 . 2011-06-11 00:48	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-06-10 22:29 . 2011-06-10 22:29	--------	d-----w-	C:\Cofi
2011-06-10 16:19 . 2011-06-10 16:19	--------	d-----w-	c:\program files\Microsoft Visual Studio 8
2011-06-09 20:35 . 2011-06-09 20:35	--------	d-----w-	C:\_OTL
2011-06-09 10:46 . 2011-06-09 10:46	--------	d-----w-	c:\users\Megalomon\AppData\Roaming\Malwarebytes
2011-06-09 10:46 . 2011-05-29 07:11	39984	----a-w-	c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-09 10:46 . 2011-06-09 10:46	--------	d-----w-	c:\programdata\Malwarebytes
2011-06-09 10:46 . 2011-06-09 20:40	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2011-06-09 10:46 . 2011-05-29 07:11	25912	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-06-07 17:37 . 2011-06-07 17:37	--------	d-----w-	c:\program files (x86)\Microsoft XNA
2011-06-07 17:14 . 2011-06-07 22:35	--------	d-----w-	c:\program files (x86)\Terraria
2011-06-06 14:44 . 2011-06-06 14:44	--------	d-----w-	c:\program files (x86)\Common Files\EZB Systems
2011-06-06 12:00 . 2011-06-06 14:44	--------	d-----w-	c:\program files (x86)\UltraISO
2011-06-06 11:36 . 2011-06-06 11:36	--------	d-----w-	c:\program files (x86)\Smart Projects
2011-06-06 11:24 . 2011-06-11 00:26	--------	d-----w-	c:\users\Megalomon\AppData\Roaming\Bitcoin
2011-06-06 11:24 . 2011-06-06 11:24	--------	d-----w-	c:\program files (x86)\Bitcoin
2011-06-06 08:45 . 2011-05-20 11:49	34624	----a-w-	c:\windows\system32\TURegOpt.exe
2011-06-06 08:45 . 2011-05-20 11:43	36160	----a-w-	c:\windows\system32\uxtuneup.dll
2011-06-06 08:45 . 2011-05-20 11:43	25920	----a-w-	c:\windows\system32\authuitu.dll
2011-06-06 08:45 . 2011-05-20 11:43	29504	----a-w-	c:\windows\SysWow64\uxtuneup.dll
2011-06-06 08:45 . 2011-05-20 11:43	21312	----a-w-	c:\windows\SysWow64\authuitu.dll
2011-06-06 08:44 . 2011-06-06 08:44	--------	d-----w-	c:\users\Megalomon\AppData\Roaming\TuneUp Software
2011-06-06 08:44 . 2011-06-06 08:45	--------	d-----w-	c:\program files (x86)\TuneUp Utilities 2011
2011-06-06 08:43 . 2011-06-06 08:45	--------	d-----w-	c:\programdata\TuneUp Software
2011-06-06 08:43 . 2011-06-06 08:43	--------	d-sh--w-	c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-06-05 22:30 . 2011-06-10 22:33	--------	d-----w-	c:\programdata\SecTaskMan
2011-06-05 22:30 . 2011-06-05 22:30	--------	d-----w-	c:\program files (x86)\Security Task Manager
2011-06-05 12:24 . 2011-06-05 12:25	--------	d-----w-	c:\program files (x86)\TweakMe!
2011-06-04 13:14 . 2011-06-04 13:14	--------	d-sh--w-	c:\programdata\DSS
2011-06-04 13:12 . 2011-05-19 20:30	446976	----a-w-	c:\program files (x86)\Microsoft Games\Fable III\paul.dll
2011-06-04 13:11 . 2011-06-04 13:11	--------	d-----w-	c:\users\Megalomon\AppData\Roaming\Lionhead Studios
2011-06-04 13:08 . 2011-05-17 19:42	79648	----a-r-	c:\program files (x86)\Microsoft Games\Fable III\UPDATE\setup.exe
2011-06-03 15:24 . 2011-06-03 15:24	--------	d-----w-	c:\program files (x86)\Lionhead Studios Ltd
2011-06-03 15:11 . 2011-06-03 15:18	--------	d-----w-	c:\program files\CCleaner
2011-06-03 12:33 . 2011-06-03 12:33	--------	d-----w-	c:\program files (x86)\Visual Basic 6.0 Runtime&Steuerelemente
2011-06-03 12:32 . 2011-06-03 12:32	290816	------w-	c:\windows\Setup1.exe
2011-06-03 12:32 . 2011-06-03 12:32	74752	----a-w-	c:\windows\ST6UNST.EXE
2011-06-02 17:32 . 2011-06-02 17:32	53248	----a-r-	c:\users\Megalomon\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-06-02 17:32 . 2011-06-02 17:32	--------	d-----w-	c:\users\Megalomon\AppData\Roaming\Leadertech
2011-06-02 17:32 . 2011-06-02 17:32	--------	d-----w-	c:\program files (x86)\Common Files\LogiShrd
2011-06-02 17:32 . 2011-06-02 17:32	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2011-06-02 17:31 . 2011-06-02 17:44	--------	d-----w-	c:\programdata\Logishrd
2011-06-02 17:31 . 2011-06-02 17:31	--------	d-----w-	c:\program files\Logitech
2011-06-02 17:31 . 2011-06-02 17:32	--------	d-----w-	c:\program files\Common Files\Logishrd
2011-06-02 17:21 . 2011-06-02 17:44	--------	d-----w-	c:\users\Megalomon\AppData\Roaming\Logitech
2011-06-02 17:21 . 2011-06-02 17:21	--------	d-----w-	c:\users\Megalomon\AppData\Roaming\Logishrd
2011-06-02 16:44 . 2011-06-02 16:49	--------	d-----w-	c:\users\Megalomon\ThingZ
2011-06-02 14:15 . 2011-06-02 14:15	--------	d-----w-	c:\program files (x86)\XMedia Recode
2011-06-01 23:52 . 2002-07-19 18:27	122350	----a-w-	c:\windows\system32\xbadpcm.acm
2011-06-01 23:37 . 2011-06-01 23:37	--------	d-----w-	c:\program files (x86)\Software4u
2011-05-31 03:36 . 2011-05-31 03:36	--------	d-----w-	c:\program files (x86)\MAGIX
2011-05-31 03:36 . 2011-05-31 03:36	--------	d-----w-	c:\programdata\MAGIX
2011-05-31 03:36 . 2011-05-31 03:36	--------	d-----w-	c:\program files (x86)\Common Files\MAGIX Services
2011-05-30 13:15 . 2009-03-18 15:35	33856	---ha-w-	c:\windows\system32\hamachi.sys
2011-05-30 13:15 . 2011-05-30 13:15	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2011-05-29 19:16 . 2011-05-31 03:37	--------	d-----w-	c:\users\Megalomon\AppData\Roaming\MAGIX
2011-05-29 18:17 . 2001-04-12 16:00	182272	----a-w-	c:\windows\patchw32.dll
2011-05-26 10:49 . 2009-07-14 01:41	99840	----a-w-	c:\windows\system32\Spool\prtprocs\x64\LXKPTPRC.DLL
2011-05-26 09:43 . 2011-04-22 22:15	27520	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2011-05-26 05:18 . 2011-05-26 05:18	466456	----a-w-	c:\windows\system32\wrap_oal.dll
2011-05-26 05:18 . 2011-05-26 05:18	444952	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2011-05-26 05:18 . 2011-05-26 05:18	122904	----a-w-	c:\windows\system32\OpenAL32.dll
2011-05-26 05:18 . 2011-05-26 05:18	109080	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2011-05-26 05:18 . 2011-05-26 05:18	--------	d-----w-	c:\program files (x86)\OpenAL
2011-05-26 05:16 . 2011-05-26 05:18	--------	d-----w-	c:\program files (x86)\Penumbra Overture
2011-05-25 15:22 . 2011-05-25 20:19	--------	d-----w-	c:\users\Megalomon\.revenge_of_the_titans_1.80
2011-05-25 15:22 . 2011-05-25 15:22	--------	d-----w-	c:\program files (x86)\Revenge Of The Titans HIB
2011-05-25 14:34 . 2009-10-27 17:31	3982240	----a-w-	c:\windows\SysWow64\Flash10d.ocx
2011-05-25 14:34 . 2011-05-25 14:34	--------	d-----w-	c:\program files (x86)\StreamTransport
2011-05-25 10:22 . 2011-05-25 10:22	--------	d-----w-	c:\program files (x86)\Data Realms
2011-05-25 07:47 . 2011-05-25 07:47	--------	d-----w-	c:\users\Public\CyberLink
2011-05-25 07:47 . 2011-05-25 07:47	--------	d-----w-	c:\users\Megalomon\AppData\Roaming\CyberLink
2011-05-25 06:34 . 2011-05-25 06:35	--------	d-----w-	c:\users\Megalomon\AppData\Roaming\Teeworlds
2011-05-24 10:23 . 2011-05-24 10:23	--------	d-----w-	c:\program files (x86)\TeamViewer
2011-05-24 10:18 . 2011-05-24 10:18	--------	d-----w-	c:\users\Megalomon\AppData\Roaming\TeamViewer
2011-05-24 09:36 . 2011-05-24 10:52	--------	d-----w-	c:\users\Megalomon\AppData\Local\Temporary Projects
2011-05-23 13:56 . 2011-05-23 13:56	--------	d-----w-	c:\program files (x86)\EA
2011-05-23 13:54 . 2011-05-23 13:54	--------	d-----w-	c:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2011-05-22 16:40 . 2011-05-22 16:40	--------	d-----w-	C:\Sierra
2011-05-19 17:39 . 2011-05-19 17:39	--------	d-----w-	c:\programdata\NexonEU
2011-05-19 06:28 . 2011-06-10 13:31	--------	d-----w-	C:\Downloads
2011-05-18 14:05 . 2011-05-18 14:06	--------	d-----w-	c:\windows\msdownld.tmp
2011-05-18 14:05 . 2011-05-18 14:34	--------	d-----w-	c:\program files (x86)\N8
2011-05-16 12:59 . 2011-04-09 06:58	142336	----a-w-	c:\windows\system32\poqexec.exe
2011-05-16 12:59 . 2011-04-09 05:56	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
2011-05-15 20:41 . 2011-05-15 20:41	--------	d-----w-	c:\programdata\CanonBJ
2011-05-15 20:41 . 2009-07-14 01:40	84992	----a-w-	c:\windows\system32\Spool\prtprocs\x64\CNBPP4.DLL
2011-05-15 02:18 . 2011-05-15 02:18	--------	d-----w-	c:\program files (x86)\Croteam
2011-05-13 06:09 . 2011-05-15 21:02	--------	d-----w-	c:\users\Megalomon\AppData\Local\ElevatedDiagnostics
2011-05-12 10:24 . 2011-04-09 07:02	5562240	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-05-12 10:24 . 2011-04-09 06:02	3967872	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-05-12 10:24 . 2011-04-09 06:02	3912576	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2011-05-12 10:24 . 2011-03-25 03:29	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2011-05-12 10:24 . 2011-03-25 03:29	98816	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2011-05-12 10:24 . 2011-03-25 03:29	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2011-05-12 10:24 . 2011-03-25 03:29	52736	----a-w-	c:\windows\system32\drivers\usbehci.sys
2011-05-12 10:24 . 2011-03-25 03:29	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2011-05-12 10:24 . 2011-03-25 03:28	7936	----a-w-	c:\windows\system32\drivers\usbd.sys
2011-05-12 08:49 . 2011-06-07 17:30	--------	d-----w-	c:\users\Megalomon\AppData\Local\CrashDumps
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-19 13:17 . 2011-05-01 07:24	235	----a-w-	c:\windows\SysWow64\nxEuUninstall.bat
2011-05-19 13:17 . 2011-05-01 07:24	446464	----a-w-	c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-05-12 07:15 . 2011-04-30 09:45	174200	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.SYS
2011-05-06 19:50 . 2009-08-18 10:49	564632	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-06 19:50 . 2009-08-18 09:24	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-30 10:00 . 2011-04-30 10:01	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-04-30 03:39 . 2011-04-30 03:39	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2011-04-30 03:39 . 2011-04-30 03:39	89088	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2011-04-30 03:39 . 2011-04-30 03:39	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2011-04-30 03:39 . 2011-04-30 03:39	85504	----a-w-	c:\windows\system32\iesetup.dll
2011-04-30 03:39 . 2011-04-30 03:39	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-30 03:39 . 2011-04-30 03:39	76800	----a-w-	c:\windows\system32\tdc.ocx
2011-04-30 03:39 . 2011-04-30 03:39	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-30 03:39 . 2011-04-30 03:39	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2011-04-30 03:39 . 2011-04-30 03:39	63488	----a-w-	c:\windows\SysWow64\tdc.ocx
2011-04-30 03:39 . 2011-04-30 03:39	603648	----a-w-	c:\windows\system32\vbscript.dll
2011-04-30 03:39 . 2011-04-30 03:39	49664	----a-w-	c:\windows\system32\imgutil.dll
2011-04-30 03:39 . 2011-04-30 03:39	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2011-04-30 03:39 . 2011-04-30 03:39	48640	----a-w-	c:\windows\system32\mshtmler.dll
2011-04-30 03:39 . 2011-04-30 03:39	448512	----a-w-	c:\windows\system32\html.iec
2011-04-30 03:39 . 2011-04-30 03:39	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2011-04-30 03:39 . 2011-04-30 03:39	367104	----a-w-	c:\windows\SysWow64\html.iec
2011-04-30 03:39 . 2011-04-30 03:39	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2011-04-30 03:39 . 2011-04-30 03:39	30720	----a-w-	c:\windows\system32\licmgr10.dll
2011-04-30 03:39 . 2011-04-30 03:39	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-04-30 03:39 . 2011-04-30 03:39	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2011-04-30 03:39 . 2011-04-30 03:39	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2011-04-30 03:39 . 2011-04-30 03:39	2303488	----a-w-	c:\windows\system32\jscript9.dll
2011-04-30 03:39 . 2011-04-30 03:39	222208	----a-w-	c:\windows\system32\msls31.dll
2011-04-30 03:39 . 2011-04-30 03:39	1797632	----a-w-	c:\windows\SysWow64\jscript9.dll
2011-04-30 03:39 . 2011-04-30 03:39	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2011-04-30 03:39 . 2011-04-30 03:39	165888	----a-w-	c:\windows\system32\iexpress.exe
2011-04-30 03:39 . 2011-04-30 03:39	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2011-04-30 03:39 . 2011-04-30 03:39	160256	----a-w-	c:\windows\system32\wextract.exe
2011-04-30 03:39 . 2011-04-30 03:39	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2011-04-30 03:39 . 2011-04-30 03:39	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2011-04-30 03:39 . 2011-04-30 03:39	1492992	----a-w-	c:\windows\system32\inetcpl.cpl
2011-04-30 03:39 . 2011-04-30 03:39	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2011-04-30 03:39 . 2011-04-30 03:39	1427456	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2011-04-30 03:39 . 2011-04-30 03:39	1389056	----a-w-	c:\windows\system32\wininet.dll
2011-04-30 03:39 . 2011-04-30 03:39	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2011-04-30 03:39 . 2011-04-30 03:39	12288	----a-w-	c:\windows\system32\mshta.exe
2011-04-30 03:39 . 2011-04-30 03:39	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2011-04-30 03:39 . 2011-04-30 03:39	114176	----a-w-	c:\windows\system32\admparse.dll
2011-04-30 03:39 . 2011-04-30 03:39	1126912	----a-w-	c:\windows\SysWow64\wininet.dll
2011-04-30 03:39 . 2011-04-30 03:39	111616	----a-w-	c:\windows\system32\iesysprep.dll
2011-04-30 03:39 . 2011-04-30 03:39	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2011-04-30 03:39 . 2011-04-30 03:39	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2011-04-30 03:07 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2011-04-30 03:07 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2011-04-30 01:37 . 2009-11-07 20:54	588472	----a-w-	c:\windows\SysWow64\ezsvc7x.dll
2011-04-18 07:15 . 2011-04-30 02:00	8802128	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0804166-B8DE-46CB-A80C-C36F9FC4C858}\mpengine.dll
2011-04-09 16:55 . 2011-04-09 16:55	15453336	----a-w-	c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55	13642904	----a-w-	c:\windows\SysWow64\xlivefnt.dll
2011-04-08 05:14 . 2011-04-30 09:31	8411752	----a-w-	c:\windows\system32\nvwgf2umx.dll
2011-04-08 05:14 . 2011-04-30 09:31	6974056	----a-w-	c:\windows\system32\nvcuda.dll
2011-04-08 05:14 . 2011-04-30 09:31	67176	----a-w-	c:\windows\system32\OpenCL.dll
2011-04-08 05:14 . 2011-04-30 09:31	6299752	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2011-04-08 05:14 . 2011-04-30 09:31	57960	----a-w-	c:\windows\SysWow64\OpenCL.dll
2011-04-08 05:14 . 2011-04-30 09:31	5183080	----a-w-	c:\windows\SysWow64\nvcuda.dll
2011-04-08 05:14 . 2011-04-30 09:31	2893416	----a-w-	c:\windows\system32\nvcuvid.dll
2011-04-08 05:14 . 2011-04-30 09:31	2765928	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2011-04-08 05:14 . 2011-04-30 09:31	2273896	----a-w-	c:\windows\system32\nvapi64.dll
2011-04-08 05:14 . 2011-04-30 09:31	2204264	----a-w-	c:\windows\system32\nvcuvenc.dll
2011-04-08 05:14 . 2011-04-30 09:31	2074216	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2011-04-08 05:14 . 2011-04-30 09:31	20700264	----a-w-	c:\windows\system32\nvoglv64.dll
2011-04-08 05:14 . 2011-04-30 09:31	2034280	----a-w-	c:\windows\SysWow64\nvapi.dll
2011-04-08 05:14 . 2011-04-30 09:31	18578536	----a-w-	c:\windows\system32\nvcompiler.dll
2011-04-08 05:14 . 2011-04-30 09:31	1619048	----a-w-	c:\windows\system32\nvdispco6420140.dll
2011-04-08 05:14 . 2011-04-30 09:31	15227496	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2011-04-08 05:14 . 2011-04-30 09:31	1404008	----a-w-	c:\windows\system32\nvgenco642060.dll
2011-04-08 05:14 . 2011-04-30 09:31	13262184	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2011-04-08 05:14 . 2011-04-30 09:31	13007464	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2011-04-08 05:14 . 2011-04-30 09:31	12934248	----a-w-	c:\windows\system32\nvd3dumx.dll
2011-04-08 05:14 . 2011-04-30 09:31	10071656	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2011-04-07 21:19 . 2011-04-07 21:19	61032	----a-w-	c:\windows\system32\nvshext.dll
2011-04-07 21:19 . 2011-04-07 21:19	318056	----a-w-	c:\windows\system32\nvhotkey.dll
2011-04-07 21:19 . 2011-04-07 21:19	2582120	----a-w-	c:\windows\system32\nvsvcr.dll
2011-04-07 21:19 . 2011-04-07 21:19	117864	----a-w-	c:\windows\system32\nvmctray.dll
2011-04-07 21:19 . 2011-04-07 21:19	1012328	----a-w-	c:\windows\system32\nvvsvc.exe
2011-04-07 21:19 . 2011-04-07 21:19	797288	----a-w-	c:\windows\system32\easyUpdatusAPIU64.dll
2011-04-07 21:19 . 2011-04-07 21:19	6338152	----a-w-	c:\windows\system32\nvcpl.dll
2011-04-07 21:18 . 2011-04-07 21:18	3041384	----a-w-	c:\windows\system32\nvsvc64.dll
2011-04-06 14:26 . 2011-04-06 14:26	96544	----a-w-	c:\windows\system32\dnssd.dll
2011-04-06 14:26 . 2011-04-06 14:26	69408	----a-w-	c:\windows\system32\jdns_sd.dll
2011-04-06 14:26 . 2011-04-06 14:26	237856	----a-w-	c:\windows\system32\dnssdX.dll
2011-04-06 14:26 . 2011-04-06 14:26	119584	----a-w-	c:\windows\system32\dns-sd.exe
2011-04-06 14:20 . 2011-04-06 14:20	91424	----a-w-	c:\windows\SysWow64\dnssd.dll
2011-04-06 14:20 . 2011-04-06 14:20	75040	----a-w-	c:\windows\SysWow64\jdns_sd.dll
2011-04-06 14:20 . 2011-04-06 14:20	197920	----a-w-	c:\windows\SysWow64\dnssdX.dll
2011-04-06 14:20 . 2011-04-06 14:20	107808	----a-w-	c:\windows\SysWow64\dns-sd.exe
2011-03-31 03:00 . 2011-05-10 06:36	744568	----a-w-	c:\windows\system32\drivers\N360x64\0501000.01D\srtsp64.sys
2011-03-31 03:00 . 2011-05-10 06:36	40568	----a-w-	c:\windows\system32\drivers\N360x64\0501000.01D\srtspx64.sys
2011-03-22 00:39 . 2011-05-10 06:36	382584	----a-w-	c:\windows\system32\drivers\N360x64\0501000.01D\symnets.sys
2011-03-15 02:31 . 2011-05-10 06:36	912504	----a-w-	c:\windows\system32\drivers\N360x64\0501000.01D\symefa64.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-03-28 843072]
"iTeleportConnect"="c:\program files (x86)\iTeleport\iTeleport Connect\iTeleportConnect.exe" [2011-04-11 1989120]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"iTeleportService"="c:\program files (x86)\iTeleport\iTeleport Connect\iTeleportService.exe" [2011-04-11 20480]
.
c:\users\Megalomon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
BatteryBar.lnk - c:\program files\BatteryBar\BatteryBar.exe [N/A]
Bitcoin.lnk - c:\program files (x86)\Bitcoin\bitcoin.exe [2011-4-27 7490048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"LogMeIn Hamachi Ui"=-"c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater;c:\program files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw1v64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110519.002\BHDrvx64.sys [2011-05-19 1143416]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110604.001\IDSvia64.sys [2011-06-03 488056]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0501000.01D\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2010-10-18 20549]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 2275720]
S2 iTeleportService;iTeleportService;c:\program files (x86)\iTeleport\iTeleport Connect\iTeleportService.exe [2011-04-11 20480]
S2 N360;Norton 360;c:\program files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-04-17 130008]
S2 NetBalancer Windows Service;NetBalancer Windows Service;c:\program files\NetBalancer\SeriousBit.NetBalancer.Service.exe [2010-11-22 10240]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-04-15 2280312]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-05-20 2026304]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-05-10 136824]
S3 Nbdrv;NetBalancer Service;c:\windows\system32\DRIVERS\nbdrv.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-04-26 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 11:24	451872	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2011-06-09 c:\windows\Tasks\HPCeeScheduleForMegalomon.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 03:22]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-05-13 487424]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\vem6yn1k.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-QlbCtrl.exe - -c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.1.0.29\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\xampp\mysql\bin\mysqld.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\TeamViewer\Version6\TeamViewer.exe
c:\program files\NORTON 360\ENGINE\5.1.0.29\cltLMH.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-06-11  03:06:25 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-06-11 01:06
.
Vor Suchlauf: 27 Verzeichnis(se), 108.097.830.912 Bytes frei
Nach Suchlauf: 33 Verzeichnis(se), 107.947.724.800 Bytes frei
.
- - End Of File - - 009DB80BEF683B6FF28E1A447236829A

--- --- ---
Ich bin grad etwas verwirrt, wieso wurde mspaint und der images ordner gelöscht?

cosinus · 11.06.2011, 16:45

Downloade Dir bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.

Doppelklick auf die MBRCheck.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Das Tool braucht nur wenige Sekunden.
Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.

Poste mir bitte den Inhalt des .txt Dokumentes

megalomon · 11.06.2011, 18:47

Scan lief ohne Probleme.

Zitat:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Compaq Presario CQ71 Notebook PC
Logical Drives Mask: 0x000000fc

Kernel Drivers (total 212):
0x02C15000 \SystemRoot\system32\ntoskrnl.exe
0x031FE000 \SystemRoot\system32\hal.dll
0x00BB2000 \SystemRoot\system32\kdcom.dll
0x00C34000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00C83000 \SystemRoot\system32\PSHED.dll
0x00C97000 \SystemRoot\system32\CLFS.SYS
0x00CF5000 \SystemRoot\system32\CI.dll
0x00E01000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EA5000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x01018000 \SystemRoot\System32\Drivers\sptd.sys
0x0117A000 \SystemRoot\System32\Drivers\WMILIB.SYS
0x01183000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0x00EB4000 \SystemRoot\system32\drivers\ACPI.sys
0x011B2000 \SystemRoot\system32\drivers\msisadrv.sys
0x011BC000 \SystemRoot\system32\drivers\vdrvroot.sys
0x011C9000 \SystemRoot\system32\drivers\pci.sys
0x01000000 \SystemRoot\system32\drivers\isapnp.sys
0x00F0B000 \SystemRoot\system32\drivers\mpio.sys
0x00F35000 \SystemRoot\System32\drivers\partmgr.sys
0x01009000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00F4A000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00F56000 \SystemRoot\system32\drivers\volmgr.sys
0x00F6B000 \SystemRoot\System32\drivers\volmgrx.sys
0x00FC7000 \SystemRoot\system32\drivers\intelide.sys
0x00FCF000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00FDF000 \SystemRoot\system32\drivers\aliide.sys
0x00FE6000 \SystemRoot\system32\drivers\amdide.sys
0x00FED000 \SystemRoot\system32\drivers\cmdide.sys
0x00DB5000 \SystemRoot\System32\drivers\mountmgr.sys
0x00DCF000 \SystemRoot\system32\drivers\msdsm.sys
0x00C00000 \SystemRoot\system32\drivers\nvraid.sys
0x012BF000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x012EF000 \SystemRoot\system32\drivers\pciide.sys
0x012F6000 \SystemRoot\system32\drivers\viaide.sys
0x01434000 \SystemRoot\system32\drivers\iaStorV.sys
0x01552000 \SystemRoot\system32\drivers\atapi.sys
0x0155B000 \SystemRoot\system32\drivers\ataport.SYS
0x01585000 \SystemRoot\system32\DRIVERS\lsi_sas.sys
0x012FE000 \SystemRoot\system32\DRIVERS\storport.sys
0x015A2000 \SystemRoot\system32\drivers\msahci.sys
0x015AD000 \SystemRoot\system32\drivers\HpSAMD.sys
0x01361000 \SystemRoot\system32\DRIVERS\adp94xx.sys
0x01200000 \SystemRoot\system32\DRIVERS\adpahci.sys
0x015C4000 \SystemRoot\system32\DRIVERS\adpu320.sys
0x01400000 \SystemRoot\system32\drivers\amdsata.sys
0x01256000 \SystemRoot\system32\DRIVERS\amdsbs.sys
0x0141E000 \SystemRoot\system32\drivers\amdxata.sys
0x0129D000 \SystemRoot\system32\DRIVERS\arc.sys
0x013DC000 \SystemRoot\system32\DRIVERS\arcsas.sys
0x01634000 \SystemRoot\system32\DRIVERS\elxstor.sys
0x016BB000 \SystemRoot\system32\DRIVERS\iirsp.sys
0x016CC000 \SystemRoot\system32\DRIVERS\lsi_fc.sys
0x016EB000 \SystemRoot\system32\DRIVERS\lsi_sas2.sys
0x016FE000 \SystemRoot\system32\DRIVERS\lsi_scsi.sys
0x0171D000 \SystemRoot\system32\DRIVERS\megasas.sys
0x01729000 \SystemRoot\system32\DRIVERS\MegaSR.sys
0x017CD000 \SystemRoot\system32\DRIVERS\nfrd960.sys
0x01600000 \SystemRoot\system32\drivers\nvstor.sys
0x0180C000 \SystemRoot\system32\DRIVERS\ql2300.sys
0x01ABA000 \SystemRoot\system32\DRIVERS\ql40xx.sys
0x01B19000 \SystemRoot\system32\DRIVERS\SiSRaid2.sys
0x01B27000 \SystemRoot\system32\DRIVERS\sisraid4.sys
0x01B3F000 \SystemRoot\system32\DRIVERS\stexstor.sys
0x01B49000 \SystemRoot\system32\DRIVERS\vsmraid.sys
0x01B73000 \SystemRoot\system32\drivers\fltmgr.sys
0x01A00000 \SystemRoot\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS
0x01A71000 \SystemRoot\system32\drivers\fileinfo.sys
0x01C6D000 \SystemRoot\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS
0x01E1A000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01D51000 \SystemRoot\System32\Drivers\msrpc.sys
0x01FBD000 \SystemRoot\System32\Drivers\ksecdd.sys
0x02085000 \SystemRoot\System32\Drivers\cng.sys
0x020F7000 \SystemRoot\System32\drivers\pcw.sys
0x02108000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x022A5000 \SystemRoot\system32\drivers\ndis.sys
0x02398000 \SystemRoot\system32\drivers\NETIO.SYS
0x02200000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x02470000 \SystemRoot\System32\drivers\tcpip.sys
0x02674000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x026BE000 \SystemRoot\system32\DRIVERS\wd.sys
0x026C6000 \SystemRoot\system32\drivers\volsnap.sys
0x02712000 \SystemRoot\System32\Drivers\spldr.sys
0x0271A000 \SystemRoot\system32\drivers\sbp2port.sys
0x02737000 \SystemRoot\System32\drivers\rdyboost.sys
0x02771000 \SystemRoot\System32\Drivers\mup.sys
0x02783000 \SystemRoot\System32\drivers\hwpolicy.sys
0x0278C000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x027C6000 \SystemRoot\system32\DRIVERS\disk.sys
0x0241E000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x02448000 \SystemRoot\System32\Drivers\Null.SYS
0x02451000 \SystemRoot\System32\Drivers\Beep.SYS
0x02458000 \SystemRoot\System32\drivers\vga.sys
0x0222B000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x02250000 \SystemRoot\System32\drivers\watchdog.sys
0x02466000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x027F6000 \SystemRoot\system32\drivers\rdpencdd.sys
0x02260000 \SystemRoot\system32\drivers\rdprefmp.sys
0x02269000 \SystemRoot\System32\Drivers\Msfs.SYS
0x02274000 \SystemRoot\System32\Drivers\Npfs.SYS
0x02112000 \SystemRoot\system32\DRIVERS\tdx.sys
0x02285000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x02134000 \SystemRoot\system32\drivers\afd.sys
0x02000000 \SystemRoot\System32\DRIVERS\netbt.sys
0x02292000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x02045000 \SystemRoot\system32\DRIVERS\pacer.sys
0x0206B000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x021BD000 \SystemRoot\system32\DRIVERS\netbios.sys
0x021CC000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x021E7000 \SystemRoot\system32\drivers\termdd.sys
0x01C00000 \SystemRoot\System32\Drivers\N360x64\0501000.01D\SYMNETS.SYS
0x01DAF000 \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
0x01A85000 \SystemRoot\system32\drivers\N360x64\0501000.01D\Ironx64.SYS
0x01FD8000 \SystemRoot\system32\drivers\N360x64\0501000.01D\SRTSPX64.SYS
0x03A3A000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x03A8B000 \SystemRoot\system32\drivers\nsiproxy.sys
0x03A97000 \SystemRoot\system32\drivers\mssmbios.sys
0x03AA2000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110604.001\IDSvia64.sys
0x03B1F000 \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
0x03B98000 \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0x03BBE000 \SystemRoot\System32\drivers\discache.sys
0x03BCD000 \SystemRoot\System32\Drivers\dfsc.sys
0x03BEB000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x04C35000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110519.002\BHDrvx64.sys
0x04D51000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x04D77000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x04D8D000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x0FE24000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x10AC9000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x10ACB000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x04D92000 \SystemRoot\System32\drivers\dxgmms1.sys
0x10BBF000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x04A20000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x04A76000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x04A87000 \SystemRoot\system32\drivers\HDAudBus.sys
0x05635000 \SystemRoot\system32\DRIVERS\NETw5s64.sys
0x05D94000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x05DA1000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x05DD3000 \SystemRoot\system32\drivers\i8042prt.sys
0x05DF1000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
0x05600000 \SystemRoot\system32\drivers\kbdclass.sys
0x04AAB000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x0560F000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x05611000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x05620000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x04AFE000 \SystemRoot\System32\Drivers\agv7qvgm.SYS
0x04B46000 \SystemRoot\system32\drivers\wmiacpi.sys
0x04B4F000 \SystemRoot\system32\drivers\CompositeBus.sys
0x04B5F000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x04B75000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x04B99000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x04BA5000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x04BD4000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x10BCC000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x04A00000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x04BEF000 \SystemRoot\system32\DRIVERS\hamachi.sys
0x10BED000 \SystemRoot\system32\DRIVERS\nbdrv.sys
0x0562D000 \SystemRoot\system32\drivers\swenum.sys
0x019B0000 \SystemRoot\system32\drivers\ks.sys
0x0FE00000 \SystemRoot\system32\drivers\umbus.sys
0x0505C000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x050B6000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x050CB000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x0514A000 \SystemRoot\system32\DRIVERS\portcls.sys
0x05187000 \SystemRoot\system32\DRIVERS\drmk.sys
0x051A9000 \SystemRoot\system32\drivers\ksthunk.sys
0x051AF000 \SystemRoot\system32\drivers\nvhda64v.sys
0x051DC000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x05000000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x0500E000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x05027000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x05030000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0x05045000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x04DD8000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0x04C00000 \SystemRoot\System32\Drivers\usbvideo.sys
0x0FE12000 \SystemRoot\System32\Drivers\crashdmp.sys
0x04DEC000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x03A00000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x03A0B000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00080000 \SystemRoot\System32\win32k.sys
0x03A1E000 \SystemRoot\System32\drivers\Dxapi.sys
0x03A2A000 \SystemRoot\system32\DRIVERS\monitor.sys
0x005C0000 \SystemRoot\System32\TSDDD.dll
0x006D0000 \SystemRoot\System32\cdd.dll
0x00840000 \SystemRoot\System32\ATMFD.DLL
0x01BBF000 \SystemRoot\system32\drivers\luafv.sys
0x017DD000 \SystemRoot\system32\drivers\WudfPf.sys
0x02400000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x07C8A000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x07CDD000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x07CF0000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x07D08000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x07D12000 \SystemRoot\system32\drivers\HTTP.sys
0x07DDB000 \SystemRoot\system32\DRIVERS\bowser.sys
0x07C00000 \SystemRoot\System32\drivers\mpsdrv.sys
0x07C18000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x0807A000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x080C7000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x080EB000 \SystemRoot\system32\drivers\peauth.sys
0x08191000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0819C000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x081CD000 \SystemRoot\System32\drivers\tcpipreg.sys
0x08000000 \SystemRoot\System32\DRIVERS\srv2.sys
0x09846000 \SystemRoot\System32\DRIVERS\srv.sys
0x098DE000 \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
0x09957000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x0D0E3000 \SystemRoot\System32\Drivers\N360x64\0501000.01D\SRTSP64.SYS
0x0D40E000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110610.033\EX64.SYS
0x0D020000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110610.033\ENG64.SYS
0x77100000 \Windows\System32\ntdll.dll
0x47610000 \Windows\System32\smss.exe
0xFF420000 \Windows\System32\apisetschema.dll
0xFFE60000 \Windows\System32\autochk.exe

Processes (total 96):
0 System Idle Process
4 System
296 C:\Windows\System32\smss.exe
396 csrss.exe
456 C:\Windows\System32\wininit.exe
472 csrss.exe
516 C:\Windows\System32\services.exe
524 C:\Windows\System32\lsass.exe
536 C:\Windows\System32\lsm.exe
568 C:\Windows\System32\winlogon.exe
680 C:\Windows\System32\svchost.exe
744 C:\Windows\System32\nvvsvc.exe
784 C:\Windows\System32\svchost.exe
876 C:\Windows\System32\svchost.exe
920 C:\Windows\System32\svchost.exe
948 C:\Windows\System32\svchost.exe
1008 C:\Program Files\IDT\WDM\stacsv64.exe
768 C:\Windows\System32\svchost.exe
1132 C:\Windows\System32\svchost.exe
1360 C:\Windows\System32\spoolsv.exe
1408 C:\Windows\System32\svchost.exe
1468 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1480 C:\Windows\System32\nvvsvc.exe
1592 C:\Program Files\IDT\WDM\AESTSr64.exe
1616 C:\xampp\apache\bin\httpd.exe
1700 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1768 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
1832 C:\Windows\SysWOW64\svchost.exe
1856 C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
1888 C:\Windows\System32\svchost.exe
1916 C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
1972 C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportService.exe
1092 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
1216 C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
1492 C:\xampp\mysql\bin\mysqld.exe
1708 C:\Program Files\Norton 360\Engine\5.1.0.29\ccsvchst.exe
1544 C:\xampp\apache\bin\httpd.exe
1744 C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
2760 C:\Windows\System32\taskhost.exe
3204 C:\Program Files\Norton 360\Engine\5.1.0.29\ccsvchst.exe
3552 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
3584 C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
3612 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
3716 C:\Windows\System32\dwm.exe
3732 C:\Windows\System32\svchost.exe
3780 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
3820 C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
3912 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
4028 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
4368 C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
4504 C:\Windows\System32\SearchIndexer.exe
4588 C:\Windows\System32\rundll32.exe
4756 C:\Windows\System32\svchost.exe
4944 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
5004 C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
5024 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
5096 C:\Program Files\IDT\WDM\sttray64.exe
5104 C:\Program Files\Logitech\SetPointP\SetPoint.exe
4788 C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
4300 C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportConnect.exe
5124 C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
5140 C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
5352 C:\Program Files\iTunes\iTunesHelper.exe
5388 C:\PROGRA~2\Bitcoin\bitcoin.exe
5492 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
5536 WmiPrvSE.exe
5756 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
5816 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
6008 C:\Program Files\Windows Media Player\wmpnetwk.exe
4452 C:\Windows\System32\svchost.exe
5416 C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
5752 C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
6000 C:\Program Files\iPod\bin\iPodService.exe
6556 dllhost.exe
6636 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
1328 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
3888 C:\Windows\explorer.exe
304 C:\Program Files (x86)\Skype\Phone\Skype.exe
5484 C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
7008 C:\Program Files (x86)\Java\jre6\bin\javaw.exe
3724 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
4856 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
7152 C:\Windows\System32\audiodg.exe
4156 C:\Windows\explorer.exe
1676 C:\Windows\System32\wuauclt.exe
3984 C:\Program Files\iTunes\iTunes.exe
332 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
5172 C:\Windows\System32\conhost.exe
1668 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
872 C:\Windows\System32\conhost.exe
6072 WmiPrvSE.exe
4876 C:\Windows\System32\SearchProtocolHost.exe
5324 C:\Windows\System32\SearchFilterHost.exe
3040 C:\Users\Megalomon\Desktop\MBRCheck.exe
3692 C:\Windows\System32\conhost.exe
4260 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`55000000 (NTFS)

PhysicalDrive0 Model Number: WDCWD3200BEVT-60ZCT1, Rev: 13.01A13

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 33E8A4DBD7DAAA8B1CAFF75E7D4B8B3F02B4A20E

Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

cosinus · 11.06.2011, 19:25

Wir sollten den MBR manuell fixen. Sichere für den Fall der Fälle alle wichtigen Daten.

Hast Du noch andere Betriebssysteme außer Win7 (64-Bit) installiert?
Wenn nicht: Schau mal hier => RescueDisc-Win7-64-Bit

Lad das iso runter, brenn es zB mit ImgBurn per Imagebrennfunktion auf eine CD und starte damit den Rechner (von dieser CD booten)

Falls Du eine normale Win7-Installations-DVD (64-Bit) hast, brauchst Du das o.g. Image nicht sondern kannst einfach von der dieser DVD booten.

Klick auf Computerreparaturoptionen, weiter, Eingabeaufforderung - die Konsole öffnet sich. Da bitte bootrec.exe /fixboot eintippen (mit enter bestätigen), dann bootrec.exe /fixmbr eintippen (mit enter bestätigen) - Rechner neustarten, CD vorher rausnehmen. Erstell danach wieder neue Logs mit MBRCheck und wenn es geht GMER.

megalomon · 11.06.2011, 20:24

Ich hätte sone DVD-Sammlung von HP zu der ich aufgefordert wurde diese zu brennen nachdem ich das Laptop das erste mal in betrieb genommen habe. Es sind 4 DVD's. Sind wohl dafür da, falls die recovery-partition nen schaden hat.
Könnte einen von denen auch gehen?

cosinus · 11.06.2011, 20:52

Nein, nimm lieber die ISO und brenn es.

megalomon · 11.06.2011, 23:30

Beides Problemlos verlaufen:

MBRCheck:

Zitat:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: Compaq Presario CQ71 Notebook PC
Logical Drives Mask: 0x000000fc

Kernel Drivers (total 249):
0x02C13000 \SystemRoot\system32\ntoskrnl.exe
0x031FC000 \SystemRoot\system32\hal.dll
0x00B9F000 \SystemRoot\system32\kdcom.dll
0x00C78000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CC7000 \SystemRoot\system32\PSHED.dll
0x00CDB000 \SystemRoot\system32\CLFS.SYS
0x00D39000 \SystemRoot\system32\CI.dll
0x00E66000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F0A000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x0108D000 \SystemRoot\System32\Drivers\sptd.sys
0x011EF000 \SystemRoot\System32\Drivers\WMILIB.SYS
0x01000000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0x0102F000 \SystemRoot\system32\drivers\ACPI.sys
0x00F19000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F23000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00F30000 \SystemRoot\system32\drivers\pci.sys
0x00F63000 \SystemRoot\system32\drivers\isapnp.sys
0x00F6C000 \SystemRoot\system32\drivers\mpio.sys
0x00F96000 \SystemRoot\System32\drivers\partmgr.sys
0x00FAB000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00FB4000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00FC0000 \SystemRoot\system32\drivers\volmgr.sys
0x00E00000 \SystemRoot\System32\drivers\volmgrx.sys
0x011F8000 \SystemRoot\system32\drivers\intelide.sys
0x00FD5000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x01086000 \SystemRoot\system32\drivers\aliide.sys
0x00FE5000 \SystemRoot\system32\drivers\amdide.sys
0x00FEC000 \SystemRoot\system32\drivers\cmdide.sys
0x00C00000 \SystemRoot\System32\drivers\mountmgr.sys
0x00C1A000 \SystemRoot\system32\drivers\msdsm.sys
0x00C40000 \SystemRoot\system32\drivers\nvraid.sys
0x012B0000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x012E0000 \SystemRoot\system32\drivers\pciide.sys
0x012E7000 \SystemRoot\system32\drivers\viaide.sys
0x014C7000 \SystemRoot\system32\drivers\iaStorV.sys
0x015E5000 \SystemRoot\system32\drivers\atapi.sys
0x01400000 \SystemRoot\system32\drivers\ataport.SYS
0x0142A000 \SystemRoot\system32\DRIVERS\lsi_sas.sys
0x01447000 \SystemRoot\system32\DRIVERS\storport.sys
0x014AA000 \SystemRoot\system32\drivers\msahci.sys
0x012EF000 \SystemRoot\system32\drivers\HpSAMD.sys
0x01306000 \SystemRoot\system32\DRIVERS\adp94xx.sys
0x01381000 \SystemRoot\system32\DRIVERS\adpahci.sys
0x01200000 \SystemRoot\system32\DRIVERS\adpu320.sys
0x0122F000 \SystemRoot\system32\drivers\amdsata.sys
0x0124D000 \SystemRoot\system32\DRIVERS\amdsbs.sys
0x014B5000 \SystemRoot\system32\drivers\amdxata.sys
0x01294000 \SystemRoot\system32\DRIVERS\arc.sys
0x013D7000 \SystemRoot\system32\DRIVERS\arcsas.sys
0x0165D000 \SystemRoot\system32\DRIVERS\elxstor.sys
0x016E4000 \SystemRoot\system32\DRIVERS\iirsp.sys
0x016F5000 \SystemRoot\system32\DRIVERS\lsi_fc.sys
0x01714000 \SystemRoot\system32\DRIVERS\lsi_sas2.sys
0x01727000 \SystemRoot\system32\DRIVERS\lsi_scsi.sys
0x01746000 \SystemRoot\system32\DRIVERS\megasas.sys
0x01752000 \SystemRoot\system32\DRIVERS\MegaSR.sys
0x01600000 \SystemRoot\system32\DRIVERS\nfrd960.sys
0x01610000 \SystemRoot\system32\drivers\nvstor.sys
0x0184D000 \SystemRoot\system32\DRIVERS\ql2300.sys
0x01A73000 \SystemRoot\system32\DRIVERS\ql40xx.sys
0x01AD2000 \SystemRoot\system32\DRIVERS\SiSRaid2.sys
0x01AE0000 \SystemRoot\system32\DRIVERS\sisraid4.sys
0x01AF8000 \SystemRoot\system32\DRIVERS\stexstor.sys
0x01B02000 \SystemRoot\system32\DRIVERS\vsmraid.sys
0x01B2C000 \SystemRoot\system32\drivers\fltmgr.sys
0x01B78000 \SystemRoot\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS
0x01BE9000 \SystemRoot\system32\drivers\fileinfo.sys
0x01C2E000 \SystemRoot\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS
0x01E08000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01D12000 \SystemRoot\System32\Drivers\msrpc.sys
0x01FAB000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01D70000 \SystemRoot\System32\Drivers\cng.sys
0x01FC6000 \SystemRoot\System32\drivers\pcw.sys
0x01FD7000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x020CA000 \SystemRoot\system32\drivers\ndis.sys
0x02000000 \SystemRoot\system32\drivers\NETIO.SYS
0x02060000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x022F2000 \SystemRoot\System32\drivers\tcpip.sys
0x024F6000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x02540000 \SystemRoot\system32\DRIVERS\wd.sys
0x02548000 \SystemRoot\system32\drivers\volsnap.sys
0x02594000 \SystemRoot\System32\Drivers\spldr.sys
0x0259C000 \SystemRoot\system32\drivers\sbp2port.sys
0x025B9000 \SystemRoot\System32\drivers\rdyboost.sys
0x02200000 \SystemRoot\System32\Drivers\mup.sys
0x02212000 \SystemRoot\System32\drivers\hwpolicy.sys
0x0221B000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x02255000 \SystemRoot\system32\DRIVERS\disk.sys
0x022A3000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x022CD000 \SystemRoot\System32\Drivers\Null.SYS
0x022D6000 \SystemRoot\System32\Drivers\Beep.SYS
0x022DD000 \SystemRoot\System32\drivers\vga.sys
0x0208B000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x020B0000 \SystemRoot\System32\drivers\watchdog.sys
0x025F3000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x020C0000 \SystemRoot\system32\drivers\rdpencdd.sys
0x021BD000 \SystemRoot\system32\drivers\rdprefmp.sys
0x021C6000 \SystemRoot\System32\Drivers\Msfs.SYS
0x021D1000 \SystemRoot\System32\Drivers\Npfs.SYS
0x01C00000 \SystemRoot\system32\DRIVERS\tdx.sys
0x021E2000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x038B3000 \SystemRoot\system32\drivers\afd.sys
0x0393C000 \SystemRoot\System32\DRIVERS\netbt.sys
0x03981000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x0398A000 \SystemRoot\system32\DRIVERS\pacer.sys
0x039B0000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x039C6000 \SystemRoot\system32\DRIVERS\netbios.sys
0x03800000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x0381B000 \SystemRoot\system32\drivers\termdd.sys
0x0382F000 \SystemRoot\System32\Drivers\N360x64\0501000.01D\SYMNETS.SYS
0x01A00000 \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
0x01A36000 \SystemRoot\system32\drivers\N360x64\0501000.01D\Ironx64.SYS
0x03895000 \SystemRoot\system32\drivers\N360x64\0501000.01D\SRTSPX64.SYS
0x04A7F000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x04AD0000 \SystemRoot\system32\drivers\nsiproxy.sys
0x04ADC000 \SystemRoot\system32\drivers\mssmbios.sys
0x04AE7000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110604.001\IDSvia64.sys
0x04B64000 \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
0x04A00000 \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0x04A26000 \SystemRoot\System32\drivers\discache.sys
0x04A35000 \SystemRoot\System32\Drivers\dfsc.sys
0x04A53000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x04C4F000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110519.002\BHDrvx64.sys
0x04D6B000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x04D91000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x04DA7000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x0FC40000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x108E5000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x108E7000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x04DAC000 \SystemRoot\System32\drivers\dxgmms1.sys
0x109DB000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x04EB0000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x04F06000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x04F17000 \SystemRoot\system32\drivers\HDAudBus.sys
0x05466000 \SystemRoot\system32\DRIVERS\NETw5s64.sys
0x05BC5000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x05400000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x05432000 \SystemRoot\system32\drivers\i8042prt.sys
0x05450000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
0x05BD2000 \SystemRoot\system32\drivers\kbdclass.sys
0x04F3B000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x05BE1000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x05BE3000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x05BF2000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x04F8E000 \SystemRoot\System32\Drivers\aj4vmejx.SYS
0x0545C000 \SystemRoot\system32\drivers\wmiacpi.sys
0x04FD6000 \SystemRoot\system32\drivers\CompositeBus.sys
0x04FE6000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x04E00000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x04E24000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x04E30000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x04E5F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x04E7A000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x0FC00000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x04E9B000 \SystemRoot\system32\DRIVERS\hamachi.sys
0x0FC1A000 \SystemRoot\system32\DRIVERS\nbdrv.sys
0x04EA6000 \SystemRoot\system32\drivers\swenum.sys
0x04C00000 \SystemRoot\system32\drivers\ks.sys
0x0FC25000 \SystemRoot\system32\drivers\umbus.sys
0x0507C000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x050D6000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x050EB000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x0516A000 \SystemRoot\system32\DRIVERS\portcls.sys
0x051A7000 \SystemRoot\system32\DRIVERS\drmk.sys
0x051C9000 \SystemRoot\system32\drivers\ksthunk.sys
0x051CF000 \SystemRoot\system32\drivers\nvhda64v.sys
0x000E0000 \SystemRoot\System32\win32k.sys
0x05000000 \SystemRoot\System32\drivers\Dxapi.sys
0x0500C000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00520000 \SystemRoot\System32\TSDDD.dll
0x007D0000 \SystemRoot\System32\cdd.dll
0x00970000 \SystemRoot\System32\ATMFD.DLL
0x0501A000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x05037000 \SystemRoot\System32\Drivers\usbvideo.sys
0x05065000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x04A64000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x05073000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x109E8000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
0x04DF2000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x04BDD000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
0x07838000 \SystemRoot\system32\DRIVERS\udfs.sys
0x0788D000 \SystemRoot\System32\Drivers\crashdmp.sys
0x0789B000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x078A7000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x078B2000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x078C5000 \SystemRoot\system32\drivers\luafv.sys
0x078E8000 \SystemRoot\system32\drivers\WudfPf.sys
0x07909000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x0791E000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x07971000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x07984000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x0799C000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x0849E000 \SystemRoot\system32\drivers\HTTP.sys
0x08567000 \SystemRoot\system32\DRIVERS\bowser.sys
0x08585000 \SystemRoot\System32\drivers\mpsdrv.sys
0x0859D000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x08400000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0844D000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x0AC41000 \SystemRoot\system32\drivers\peauth.sys
0x0ACE7000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0ACF2000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0AD23000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0AD35000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0B294000 \SystemRoot\System32\DRIVERS\srv.sys
0x0B32C000 \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
0x0B334000 \SystemRoot\System32\Drivers\N360x64\0501000.01D\SRTSP64.SYS
0x0BC02000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110611.006\EX64.SYS
0x0B200000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110611.006\ENG64.SYS
0x0B220000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x77270000 \Windows\System32\ntdll.dll
0x47C00000 \Windows\System32\smss.exe
0xFF590000 \Windows\System32\apisetschema.dll
0xFF740000 \Windows\System32\autochk.exe
0x77440000 \Windows\System32\normaliz.dll
0xFF530000 \Windows\System32\ws2_32.dll
0xFF4D0000 \Windows\System32\Wldap32.dll
0xFF4A0000 \Windows\System32\imm32.dll
0xFF3D0000 \Windows\System32\usp10.dll
0x77170000 \Windows\System32\user32.dll
0x77430000 \Windows\System32\psapi.dll
0xFF350000 \Windows\System32\difxapi.dll
0xFF140000 \Windows\System32\ole32.dll
0xFF060000 \Windows\System32\oleaut32.dll
0x77010000 \Windows\System32\wininet.dll
0xFEE80000 \Windows\System32\setupapi.dll
0x76EF0000 \Windows\System32\kernel32.dll
0xFEE00000 \Windows\System32\shlwapi.dll
0xFED60000 \Windows\System32\msvcrt.dll
0xFED50000 \Windows\System32\nsi.dll
0xFECE0000 \Windows\System32\gdi32.dll
0xFEC40000 \Windows\System32\clbcatq.dll
0xFEC20000 \Windows\System32\sechost.dll
0x76DA0000 \Windows\System32\urlmon.dll
0xFEC10000 \Windows\System32\lpk.dll
0x76B90000 \Windows\System32\iertutil.dll
0xFEBF0000 \Windows\System32\imagehlp.dll
0xFEAE0000 \Windows\System32\msctf.dll
0xFDD50000 \Windows\System32\shell32.dll
0xFDC20000 \Windows\System32\rpcrt4.dll
0xFDB40000 \Windows\System32\advapi32.dll
0xFDAA0000 \Windows\System32\comdlg32.dll
0xFDA60000 \Windows\System32\cfgmgr32.dll
0xFD9C0000 \Windows\System32\comctl32.dll
0xFD9A0000 \Windows\System32\devobj.dll
0xFD960000 \Windows\System32\wintrust.dll
0xFD7F0000 \Windows\System32\crypt32.dll
0xFD780000 \Windows\System32\KernelBase.dll
0xFD770000 \Windows\System32\msasn1.dll
0x757A0000 \Windows\SysWOW64\normaliz.dll

Processes (total 82):
0 System Idle Process
4 System
296 C:\Windows\System32\smss.exe
396 csrss.exe
456 C:\Windows\System32\wininit.exe
468 csrss.exe
504 C:\Windows\System32\services.exe
528 C:\Windows\System32\lsass.exe
536 C:\Windows\System32\lsm.exe
636 C:\Windows\System32\winlogon.exe
700 C:\Windows\System32\svchost.exe
764 C:\Windows\System32\nvvsvc.exe
804 C:\Windows\System32\svchost.exe
868 C:\Windows\System32\svchost.exe
944 C:\Windows\System32\svchost.exe
980 C:\Windows\System32\svchost.exe
1008 C:\Program Files\IDT\WDM\stacsv64.exe
472 C:\Windows\System32\audiodg.exe
716 C:\Windows\System32\svchost.exe
1096 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1108 C:\Windows\System32\nvvsvc.exe
1264 C:\Windows\System32\svchost.exe
1556 C:\Windows\System32\spoolsv.exe
1588 C:\Windows\System32\svchost.exe
1680 C:\Program Files\IDT\WDM\AESTSr64.exe
1720 C:\xampp\apache\bin\httpd.exe
1772 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1804 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
1840 C:\Windows\SysWOW64\svchost.exe
1880 C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
1920 C:\Windows\System32\svchost.exe
1952 C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
1976 C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportService.exe
1144 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
1220 C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
1500 C:\xampp\mysql\bin\mysqld.exe
1632 C:\Program Files\Norton 360\Engine\5.1.0.29\ccsvchst.exe
1824 C:\xampp\apache\bin\httpd.exe
2052 C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
2196 C:\Windows\System32\taskhost.exe
3256 C:\Program Files\Norton 360\Engine\5.1.0.29\ccsvchst.exe
3408 C:\Windows\System32\dwm.exe
3440 C:\Windows\explorer.exe
3732 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
3760 C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
3796 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
3876 C:\Windows\System32\svchost.exe
3916 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
3956 C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
4044 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3684 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
4356 WmiPrvSE.exe
4468 C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
4852 C:\Windows\System32\rundll32.exe
4912 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
5056 C:\Windows\System32\SearchIndexer.exe
4328 C:\Windows\System32\svchost.exe
5076 C:\Windows\System32\SearchProtocolHost.exe
4432 C:\Windows\System32\SearchFilterHost.exe
3328 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
888 C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
5144 C:\Program Files\IDT\WDM\sttray64.exe
5152 C:\Program Files\Logitech\SetPointP\SetPoint.exe
5184 C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
5584 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
5592 C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportConnect.exe
5744 C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
5752 C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
5764 C:\Program Files\iTunes\iTunesHelper.exe
5844 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
5880 WmiPrvSE.exe
6068 C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
6100 C:\PROGRA~2\Bitcoin\bitcoin.exe
5324 C:\Program Files\iPod\bin\iPodService.exe
3712 C:\Program Files\Windows Media Player\wmpnetwk.exe
5576 C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
4304 C:\Windows\System32\svchost.exe
6844 C:\Users\Megalomon\Desktop\MBRCheck.exe
6856 C:\Windows\System32\conhost.exe
6940 C:\Windows\System32\dllhost.exe
6968 dllhost.exe
6652 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`55000000 (NTFS)

PhysicalDrive0 Model Number: WDCWD3200BEVT-60ZCT1, Rev: 13.01A13

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

Done!

GMER:
GMER Logfile:

Code:

ATTFilter

GMER 1.0.15.15640 - hxxp://www.gmer.net
Rootkit scan 2011-06-12 00:30:15
Windows 6.1.7601 Service Pack 1 
Running: 1208ky31.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1                                                                  771343423
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2                                                                  285507792
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0                                                                  1
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Program Files (x86)\DAEMON Tools Pro\
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x4D 0x54 0x5E 0x06 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0xA0 0x02 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0x17 0xC2 0x0F 0x9E ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x61 0x65 0x23 0xC5 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1                      
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                0xDA 0x0A 0x48 0xAC ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2                      
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12                0x79 0x7D 0x0A 0x41 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3                      
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12                0x57 0x56 0x05 0x6A ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Program Files (x86)\DAEMON Tools Pro\
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x4D 0x54 0x5E 0x06 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0xA0 0x02 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0x17 0xC2 0x0F 0x9E ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x61 0x65 0x23 0xC5 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                    0xDA 0x0A 0x48 0xAC ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq2@hdf12                    0x79 0x7D 0x0A 0x41 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3 (not active ControlSet)  
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq3@hdf12                    0x57 0x56 0x05 0x6A ...

---- EOF - GMER 1.0.15 ----

--- --- ---

cosinus · 13.06.2011, 18:35

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

megalomon · 14.06.2011, 14:43

Die Explorer.exe stürzt leider immernoch von Zeit zu Zeit ab.

11.06.2011, 01:17	#16
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	$Hive Cluster\49600\Megalomon_swarm - Standard$ Hive Cluster\49600\Megalomon_swarm Dann beende das mal. Starte Windows danach neu, lösch die alte cofi.exe, lade CF neu als cofi.exe runter und probier es bitte nochmal. __________________ Logfiles bitte immer in CODE-Tags posten

11.06.2011, 20:52	#22
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	$Hive Cluster\49600\Megalomon_swarm - Standard$ Hive Cluster\49600\Megalomon_swarm Nein, nimm lieber die ISO und brenn es. __________________ Logfiles bitte immer in CODE-Tags posten

Hive Cluster\49600\Megalomon_swarm

Plagegeister aller Art und deren Bekämpfung: Hive Cluster\49600\Megalomon_swarm