roter Bildschirm mit der Warnung "Windows System blockiert"

cosinus · 28.09.2011, 10:26

Ja, nach Möglichkeit alles mit diesem Benutzer ausführen.

Don92 · 28.09.2011, 16:59

Ich habe Kaspersky durchlaufen lassen. Der hat 1 infzierte Datei gefunden die habe ich gelöscht und dann Malwarebytes durchlaufen lassen.

Hier der Log:

Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 7817

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

28.09.2011 17:53:50
mbam-log-2011-09-28 (17-53-50).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 149130
Laufzeit: 5 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Don92 · 28.09.2011, 17:17

Bin ich jetz wieder clean?

cosinus · 28.09.2011, 19:36

Nein. Log vom kaspersky fehlt. Sollte direkt auf C: zu finden sein.

Don92 · 28.09.2011, 19:46

Kaspersky Log:

17:43:36.0122 3336 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
17:43:36.0340 3336 ============================================================
17:43:36.0340 3336 Current date / time: 2011/09/28 17:43:36.0340
17:43:36.0340 3336 SystemInfo:
17:43:36.0340 3336
17:43:36.0340 3336 OS Version: 6.0.6000 ServicePack: 0.0
17:43:36.0340 3336 Product type: Workstation
17:43:36.0340 3336 ComputerName: PAPA-PC
17:43:36.0340 3336 UserName: Papa
17:43:36.0340 3336 Windows directory: C:\Windows
17:43:36.0340 3336 System windows directory: C:\Windows
17:43:36.0340 3336 Processor architecture: Intel x86
17:43:36.0340 3336 Number of processors: 2
17:43:36.0340 3336 Page size: 0x1000
17:43:36.0340 3336 Boot type: Normal boot
17:43:36.0340 3336 ============================================================
17:43:37.0510 3336 Initialize success
17:44:14.0170 2020 ============================================================
17:44:14.0170 2020 Scan started
17:44:14.0170 2020 Mode: Manual;
17:44:14.0170 2020 ============================================================
17:44:15.0855 2020 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
17:44:15.0886 2020 ACPI - ok
17:44:16.0027 2020 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
17:44:16.0089 2020 adp94xx - ok
17:44:16.0136 2020 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
17:44:16.0152 2020 adpahci - ok
17:44:16.0198 2020 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
17:44:16.0230 2020 adpu160m - ok
17:44:16.0245 2020 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
17:44:16.0276 2020 adpu320 - ok
17:44:16.0339 2020 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
17:44:16.0386 2020 AFD - ok
17:44:16.0417 2020 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
17:44:16.0432 2020 aic78xx - ok
17:44:16.0479 2020 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
17:44:16.0479 2020 aliide - ok
17:44:16.0542 2020 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
17:44:16.0573 2020 amdagp - ok
17:44:16.0604 2020 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
17:44:16.0620 2020 amdide - ok
17:44:16.0651 2020 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
17:44:16.0666 2020 AmdK7 - ok
17:44:16.0698 2020 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
17:44:16.0713 2020 AmdK8 - ok
17:44:16.0932 2020 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
17:44:16.0963 2020 arc - ok
17:44:17.0041 2020 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
17:44:17.0056 2020 arcsas - ok
17:44:17.0134 2020 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
17:44:17.0150 2020 AsyncMac - ok
17:44:17.0212 2020 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
17:44:17.0212 2020 atapi - ok
17:44:17.0290 2020 athr (fa642f0fd7999d0c1b8cd36a3e74ab31) C:\Windows\system32\DRIVERS\athr.sys
17:44:17.0337 2020 athr - ok
17:44:17.0400 2020 avgio (87828ecd657f81503465ac705e845076) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
17:44:17.0415 2020 avgio - ok
17:44:17.0462 2020 avgntflt (fcb30820bed1d3feb55e3dd55a3f947f) C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
17:44:17.0462 2020 avgntflt - ok
17:44:17.0649 2020 avipbb (0b09df022250fb7ba91fb932eac6ea9b) C:\Windows\system32\DRIVERS\avipbb.sys
17:44:17.0665 2020 avipbb - ok
17:44:17.0727 2020 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
17:44:17.0727 2020 Beep - ok
17:44:17.0774 2020 blbdrive - ok
17:44:17.0852 2020 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
17:44:18.0008 2020 bowser - ok
17:44:18.0055 2020 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
17:44:18.0070 2020 BrFiltLo - ok
17:44:18.0102 2020 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
17:44:18.0102 2020 BrFiltUp - ok
17:44:18.0180 2020 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
17:44:18.0195 2020 Brserid - ok
17:44:18.0226 2020 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
17:44:18.0258 2020 BrSerWdm - ok
17:44:18.0273 2020 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
17:44:18.0289 2020 BrUsbMdm - ok
17:44:18.0320 2020 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
17:44:18.0336 2020 BrUsbSer - ok
17:44:18.0398 2020 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
17:44:18.0398 2020 BTHMODEM - ok
17:44:18.0445 2020 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
17:44:18.0460 2020 cdfs - ok
17:44:18.0492 2020 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
17:44:18.0507 2020 cdrom - ok
17:44:18.0554 2020 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
17:44:18.0601 2020 circlass - ok
17:44:18.0632 2020 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
17:44:18.0632 2020 CLFS - ok
17:44:18.0726 2020 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
17:44:18.0757 2020 cmdide - ok
17:44:18.0897 2020 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
17:44:18.0913 2020 Compbatt - ok
17:44:18.0975 2020 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
17:44:18.0991 2020 crcdisk - ok
17:44:19.0022 2020 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
17:44:19.0038 2020 Crusoe - ok
17:44:19.0116 2020 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
17:44:19.0147 2020 DfsC - ok
17:44:19.0334 2020 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
17:44:19.0350 2020 disk - ok
17:44:19.0474 2020 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
17:44:19.0490 2020 drmkaud - ok
17:44:19.0537 2020 DXGKrnl (a2b160c1bb13ee3303c342e551373c59) C:\Windows\System32\drivers\dxgkrnl.sys
17:44:19.0568 2020 DXGKrnl - ok
17:44:19.0630 2020 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
17:44:19.0646 2020 E1G60 - ok
17:44:19.0708 2020 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
17:44:19.0755 2020 Ecache - ok
17:44:19.0911 2020 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
17:44:19.0927 2020 elxstor - ok
17:44:20.0005 2020 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
17:44:20.0036 2020 fastfat - ok
17:44:20.0083 2020 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
17:44:20.0098 2020 fdc - ok
17:44:20.0145 2020 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
17:44:20.0161 2020 FileInfo - ok
17:44:20.0208 2020 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
17:44:20.0223 2020 Filetrace - ok
17:44:20.0239 2020 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
17:44:20.0270 2020 flpydisk - ok
17:44:20.0301 2020 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
17:44:20.0348 2020 FltMgr - ok
17:44:20.0379 2020 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
17:44:20.0379 2020 Fs_Rec - ok
17:44:20.0426 2020 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
17:44:20.0442 2020 gagp30kx - ok
17:44:20.0488 2020 GEARAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\Windows\system32\Drivers\GEARAspiWDM.sys
17:44:20.0504 2020 GEARAspiWDM - ok
17:44:20.0691 2020 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:44:20.0707 2020 HDAudBus - ok
17:44:20.0738 2020 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
17:44:20.0754 2020 HidBth - ok
17:44:20.0785 2020 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
17:44:20.0785 2020 HidIr - ok
17:44:20.0832 2020 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
17:44:20.0863 2020 HidUsb - ok
17:44:20.0894 2020 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
17:44:20.0910 2020 HpCISSs - ok
17:44:20.0956 2020 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
17:44:20.0988 2020 HTTP - ok
17:44:21.0019 2020 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
17:44:21.0019 2020 i2omp - ok
17:44:21.0081 2020 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
17:44:21.0097 2020 i8042prt - ok
17:44:21.0144 2020 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
17:44:21.0206 2020 iaStorV - ok
17:44:21.0300 2020 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
17:44:21.0331 2020 iirsp - ok
17:44:21.0440 2020 IntcAzAudAddService (5d854cbac8b7b4b964406f9808c95fae) C:\Windows\system32\drivers\RTKVHDA.sys
17:44:21.0565 2020 IntcAzAudAddService - ok
17:44:21.0674 2020 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
17:44:21.0690 2020 intelide - ok
17:44:21.0736 2020 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
17:44:21.0736 2020 intelppm - ok
17:44:21.0768 2020 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:44:21.0783 2020 IpFilterDriver - ok
17:44:21.0814 2020 IpInIp - ok
17:44:21.0861 2020 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
17:44:21.0877 2020 IPMIDRV - ok
17:44:21.0908 2020 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
17:44:21.0924 2020 IPNAT - ok
17:44:21.0955 2020 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
17:44:21.0970 2020 IRENUM - ok
17:44:22.0002 2020 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
17:44:22.0017 2020 isapnp - ok
17:44:22.0064 2020 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
17:44:22.0064 2020 iScsiPrt - ok
17:44:22.0158 2020 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
17:44:22.0189 2020 iteatapi - ok
17:44:22.0236 2020 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
17:44:22.0251 2020 iteraid - ok
17:44:22.0282 2020 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
17:44:22.0298 2020 kbdclass - ok
17:44:22.0345 2020 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
17:44:22.0360 2020 kbdhid - ok
17:44:22.0438 2020 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
17:44:22.0470 2020 KSecDD - ok
17:44:22.0548 2020 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
17:44:22.0579 2020 lltdio - ok
17:44:22.0704 2020 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
17:44:22.0719 2020 LSI_FC - ok
17:44:22.0735 2020 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
17:44:22.0750 2020 LSI_SAS - ok
17:44:22.0797 2020 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
17:44:22.0828 2020 LSI_SCSI - ok
17:44:22.0875 2020 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
17:44:22.0875 2020 luafv - ok
17:44:22.0953 2020 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
17:44:22.0953 2020 MBAMProtector - ok
17:44:23.0031 2020 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
17:44:23.0047 2020 megasas - ok
17:44:23.0094 2020 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
17:44:23.0109 2020 Modem - ok
17:44:23.0203 2020 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
17:44:23.0203 2020 monitor - ok
17:44:23.0250 2020 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
17:44:23.0265 2020 mouclass - ok
17:44:23.0328 2020 mouhid (a3a6dff7e9e757db3df51a833bc28885) C:\Windows\system32\drivers\mouhid.sys
17:44:23.0359 2020 mouhid - ok
17:44:23.0390 2020 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
17:44:23.0406 2020 MountMgr - ok
17:44:23.0468 2020 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
17:44:23.0499 2020 mpio - ok
17:44:23.0593 2020 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
17:44:23.0624 2020 mpsdrv - ok
17:44:23.0655 2020 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
17:44:23.0686 2020 Mraid35x - ok
17:44:23.0718 2020 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
17:44:23.0733 2020 MRxDAV - ok
17:44:23.0764 2020 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:44:23.0780 2020 mrxsmb - ok
17:44:23.0827 2020 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:44:23.0842 2020 mrxsmb10 - ok
17:44:23.0874 2020 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:44:23.0889 2020 mrxsmb20 - ok
17:44:24.0045 2020 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
17:44:24.0092 2020 msahci - ok
17:44:24.0186 2020 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
17:44:24.0201 2020 msdsm - ok
17:44:24.0232 2020 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
17:44:24.0248 2020 Msfs - ok
17:44:24.0279 2020 msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
17:44:24.0295 2020 msisadrv - ok
17:44:24.0326 2020 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
17:44:24.0342 2020 MSKSSRV - ok
17:44:24.0373 2020 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
17:44:24.0373 2020 MSPCLOCK - ok
17:44:24.0435 2020 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
17:44:24.0435 2020 MSPQM - ok
17:44:24.0482 2020 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
17:44:24.0498 2020 MsRPC - ok
17:44:24.0576 2020 mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
17:44:24.0576 2020 mssmbios - ok
17:44:24.0622 2020 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
17:44:24.0638 2020 MSTEE - ok
17:44:24.0669 2020 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
17:44:24.0685 2020 Mup - ok
17:44:24.0763 2020 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
17:44:24.0778 2020 NativeWifiP - ok
17:44:24.0841 2020 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
17:44:24.0856 2020 NDIS - ok
17:44:24.0919 2020 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
17:44:24.0919 2020 NdisTapi - ok
17:44:24.0950 2020 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
17:44:24.0966 2020 Ndisuio - ok
17:44:25.0012 2020 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
17:44:25.0044 2020 NdisWan - ok
17:44:25.0090 2020 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
17:44:25.0106 2020 NDProxy - ok
17:44:25.0153 2020 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
17:44:25.0153 2020 NetBIOS - ok
17:44:25.0215 2020 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
17:44:25.0231 2020 netbt - ok
17:44:25.0309 2020 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
17:44:25.0324 2020 nfrd960 - ok
17:44:25.0387 2020 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
17:44:25.0402 2020 Npfs - ok
17:44:25.0465 2020 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
17:44:25.0465 2020 nsiproxy - ok
17:44:25.0558 2020 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
17:44:25.0621 2020 Ntfs - ok
17:44:25.0683 2020 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
17:44:25.0699 2020 ntrigdigi - ok
17:44:25.0761 2020 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
17:44:25.0792 2020 Null - ok
17:44:25.0855 2020 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
17:44:25.0870 2020 nvraid - ok
17:44:25.0917 2020 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
17:44:25.0933 2020 nvstor - ok
17:44:25.0948 2020 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
17:44:25.0980 2020 nv_agp - ok
17:44:26.0058 2020 NwlnkFlt - ok
17:44:26.0089 2020 NwlnkFwd - ok
17:44:26.0167 2020 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
17:44:26.0182 2020 ohci1394 - ok
17:44:27.0103 2020 PAC207 (dca942c0a19a0ad2abcd9acf94eb4b10) C:\Windows\system32\DRIVERS\PFC027.SYS
17:44:27.0337 2020 PAC207 - ok
17:44:27.0462 2020 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
17:44:27.0867 2020 Parport - ok
17:44:27.0914 2020 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
17:44:27.0961 2020 partmgr - ok
17:44:28.0008 2020 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
17:44:28.0054 2020 Parvdm - ok
17:44:28.0164 2020 pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
17:44:28.0179 2020 pci - ok
17:44:28.0257 2020 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\drivers\pciide.sys
17:44:28.0257 2020 pciide - ok
17:44:28.0304 2020 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
17:44:28.0351 2020 pcmcia - ok
17:44:28.0413 2020 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
17:44:28.0491 2020 PEAUTH - ok
17:44:28.0678 2020 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
17:44:28.0678 2020 PptpMiniport - ok
17:44:28.0725 2020 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
17:44:28.0741 2020 Processor - ok
17:44:28.0819 2020 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
17:44:28.0834 2020 PSched - ok
17:44:28.0866 2020 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
17:44:28.0881 2020 PxHelp20 - ok
17:44:28.0975 2020 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
17:44:29.0053 2020 ql2300 - ok
17:44:29.0084 2020 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
17:44:29.0100 2020 ql40xx - ok
17:44:29.0146 2020 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
17:44:29.0146 2020 QWAVEdrv - ok
17:44:29.0162 2020 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
17:44:29.0178 2020 RasAcd - ok
17:44:29.0224 2020 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:44:29.0240 2020 Rasl2tp - ok
17:44:29.0271 2020 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
17:44:29.0318 2020 RasPppoe - ok
17:44:29.0334 2020 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
17:44:29.0412 2020 rdbss - ok
17:44:29.0443 2020 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:44:29.0443 2020 RDPCDD - ok
17:44:29.0490 2020 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
17:44:29.0505 2020 rdpdr - ok
17:44:29.0552 2020 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
17:44:29.0568 2020 RDPENCDD - ok
17:44:29.0630 2020 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
17:44:29.0661 2020 RDPWD - ok
17:44:29.0848 2020 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
17:44:29.0864 2020 rspndr - ok
17:44:29.0926 2020 RTL8023xp (8de22fb05e4a0f797b1e442eb4b3b51c) C:\Windows\system32\DRIVERS\Rtnicxp.sys
17:44:29.0942 2020 RTL8023xp - ok
17:44:30.0082 2020 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
17:44:30.0098 2020 sbp2port - ok
17:44:30.0348 2020 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
17:44:30.0363 2020 secdrv - ok
17:44:30.0457 2020 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
17:44:30.0488 2020 Serenum - ok
17:44:30.0535 2020 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
17:44:30.0550 2020 Serial - ok
17:44:30.0613 2020 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
17:44:30.0628 2020 sermouse - ok
17:44:30.0691 2020 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
17:44:30.0706 2020 sffdisk - ok
17:44:30.0738 2020 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
17:44:30.0753 2020 sffp_mmc - ok
17:44:30.0769 2020 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
17:44:30.0784 2020 sffp_sd - ok
17:44:30.0800 2020 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
17:44:30.0800 2020 sfloppy - ok
17:44:31.0096 2020 SiS6350 (4d5e6ef27b9617184dbee8e664a4c68f) C:\Windows\system32\DRIVERS\SISGRKMD.sys
17:44:31.0112 2020 SiS6350 - ok
17:44:31.0346 2020 SISAGP (df1af7f5f1ec7800b3ac398acc06c754) C:\Windows\system32\DRIVERS\SISAGPX.sys
17:44:31.0362 2020 SISAGP - ok
17:44:31.0471 2020 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
17:44:31.0486 2020 SiSRaid2 - ok
17:44:31.0549 2020 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
17:44:31.0580 2020 SiSRaid4 - ok
17:44:31.0627 2020 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
17:44:31.0642 2020 Smb - ok
17:44:31.0705 2020 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
17:44:31.0720 2020 spldr - ok
17:44:31.0798 2020 sptd (d390675b8ce45e5fb359338e5e649329) C:\Windows\system32\Drivers\sptd.sys
17:44:31.0798 2020 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d390675b8ce45e5fb359338e5e649329
17:44:31.0798 2020 sptd ( LockedFile.Multi.Generic ) - warning
17:44:31.0814 2020 sptd - detected LockedFile.Multi.Generic (1)
17:44:31.0939 2020 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
17:44:32.0001 2020 srv - ok
17:44:32.0126 2020 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
17:44:32.0142 2020 srv2 - ok
17:44:32.0220 2020 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
17:44:32.0235 2020 srvnet - ok
17:44:32.0266 2020 ssmdrv (71d609c5dff067906d930bde031c4cfe) C:\Windows\system32\DRIVERS\ssmdrv.sys
17:44:32.0298 2020 ssmdrv - ok
17:44:32.0422 2020 swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
17:44:32.0422 2020 swenum - ok
17:44:32.0610 2020 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
17:44:32.0641 2020 Symc8xx - ok
17:44:32.0812 2020 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
17:44:32.0828 2020 Sym_hi - ok
17:44:32.0906 2020 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
17:44:32.0922 2020 Sym_u3 - ok
17:44:33.0078 2020 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
17:44:33.0374 2020 Tcpip - ok
17:44:33.0795 2020 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
17:44:33.0795 2020 Tcpip6 - ok
17:44:34.0170 2020 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
17:44:34.0201 2020 tcpipreg - ok
17:44:34.0528 2020 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
17:44:34.0560 2020 TDPIPE - ok
17:44:34.0840 2020 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
17:44:34.0872 2020 TDTCP - ok
17:44:34.0903 2020 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
17:44:34.0934 2020 tdx - ok
17:44:34.0965 2020 TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
17:44:34.0965 2020 TermDD - ok
17:44:35.0059 2020 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:44:35.0059 2020 tssecsrv - ok
17:44:35.0152 2020 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
17:44:35.0152 2020 tunmp - ok
17:44:35.0184 2020 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
17:44:35.0199 2020 tunnel - ok
17:44:35.0230 2020 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\DRIVERS\uagp35.sys
17:44:35.0246 2020 uagp35 - ok
17:44:35.0293 2020 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
17:44:35.0324 2020 udfs - ok
17:44:35.0386 2020 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
17:44:35.0402 2020 uliagpkx - ok
17:44:35.0433 2020 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
17:44:35.0496 2020 uliahci - ok
17:44:35.0558 2020 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
17:44:35.0574 2020 UlSata - ok
17:44:35.0636 2020 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
17:44:35.0667 2020 ulsata2 - ok
17:44:35.0698 2020 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
17:44:35.0714 2020 umbus - ok
17:44:35.0854 2020 usbccgp (b0ba9caffe9b0555ec0317f30cb79cd2) C:\Windows\system32\DRIVERS\usbccgp.sys
17:44:35.0901 2020 usbccgp - ok
17:44:35.0948 2020 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
17:44:35.0964 2020 usbcir - ok
17:44:36.0120 2020 usbehci (c9fcd05b0a80ea08c2768e5a279b14de) C:\Windows\system32\DRIVERS\usbehci.sys
17:44:36.0135 2020 usbehci - ok
17:44:36.0213 2020 usbhub (5e44f7d957f7560da06bfe6b84b58a35) C:\Windows\system32\DRIVERS\usbhub.sys
17:44:36.0229 2020 usbhub - ok
17:44:36.0244 2020 usbohci (9333e482a173938788cbde8f81ec52fb) C:\Windows\system32\DRIVERS\usbohci.sys
17:44:36.0260 2020 usbohci - ok
17:44:36.0291 2020 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
17:44:36.0307 2020 usbprint - ok
17:44:36.0338 2020 usbscan (b1f95285c08ddfe00c0b955462637ec7) C:\Windows\system32\DRIVERS\usbscan.sys
17:44:36.0354 2020 usbscan - ok
17:44:36.0432 2020 usbsermptxp (49106ee29074e6a3d3ac9e24c6d791d8) C:\Windows\system32\DRIVERS\usbsermptxp.sys
17:44:36.0447 2020 usbsermptxp - ok
17:44:36.0494 2020 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:44:36.0494 2020 USBSTOR - ok
17:44:36.0556 2020 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
17:44:36.0572 2020 usbuhci - ok
17:44:36.0634 2020 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
17:44:36.0650 2020 usbvideo - ok
17:44:36.0744 2020 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
17:44:36.0759 2020 vga - ok
17:44:36.0790 2020 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
17:44:36.0790 2020 VgaSave - ok
17:44:36.0822 2020 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
17:44:36.0837 2020 viaagp - ok
17:44:36.0868 2020 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
17:44:36.0884 2020 ViaC7 - ok
17:44:36.0946 2020 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
17:44:36.0962 2020 viaide - ok
17:44:36.0993 2020 volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
17:44:37.0024 2020 volmgr - ok
17:44:37.0071 2020 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
17:44:37.0102 2020 volmgrx - ok
17:44:37.0321 2020 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
17:44:37.0321 2020 volsnap - ok
17:44:37.0399 2020 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
17:44:37.0414 2020 vsmraid - ok
17:44:37.0477 2020 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
17:44:37.0508 2020 WacomPen - ok
17:44:37.0570 2020 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
17:44:37.0586 2020 Wanarp - ok
17:44:37.0602 2020 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
17:44:37.0617 2020 Wanarpv6 - ok
17:44:37.0680 2020 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
17:44:37.0695 2020 Wd - ok
17:44:37.0742 2020 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
17:44:37.0836 2020 Wdf01000 - ok
17:44:38.0054 2020 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
17:44:38.0054 2020 WmiAcpi - ok
17:44:38.0148 2020 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
17:44:38.0148 2020 WpdUsb - ok
17:44:38.0210 2020 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
17:44:38.0241 2020 ws2ifsl - ok
17:44:38.0335 2020 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:44:38.0382 2020 WUDFRd - ok
17:44:38.0444 2020 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:44:38.0460 2020 \Device\Harddisk0\DR0 - ok
17:44:38.0475 2020 Boot (0x1200) (03a23e0aad6aef5dd6425360d06d8f29) \Device\Harddisk0\DR0\Partition0
17:44:38.0475 2020 \Device\Harddisk0\DR0\Partition0 - ok
17:44:38.0475 2020 ============================================================
17:44:38.0475 2020 Scan finished
17:44:38.0475 2020 ============================================================
17:44:38.0506 4480 Detected object count: 1
17:44:38.0506 4480 Actual detected object count: 1
17:45:10.0549 4480 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
17:45:10.0564 4480 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
17:45:10.0580 4480 C:\Windows\system32\Drivers\sptd.sys - will be deleted on reboot
17:45:10.0580 4480 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
17:45:23.0949 5300 Deinitialize success

Don92 · 28.09.2011, 19:48

Ich konnte alle Dateien öffnen deshalb hab ich das Programm unhide.exe nicht runtergeladen

cosinus · 28.09.2011, 20:19

Du hast mit Kaspersky den SPTD-Treiber gelöscht. Der ist aber harmlos und für virtuelle CD/DVD Laufwerke notwendig.

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Don92 · 28.09.2011, 21:40

Combofix Logfile:

Code:

ATTFilter

ComboFix 11-09-28.03 - Papa 28.09.2011  21:27:47.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.49.1031.18.1791.1076 [GMT 2:00]
ausgeführt von:: c:\users\Mama\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\google\common\google updater\googleupdaterservice.exe
c:\users\Mama\AppData\Local\ApplicationHistory
c:\users\Mama\AppData\Local\ApplicationHistory\EULA.exe.3bdc8327.ini
c:\users\Mama\AppData\Local\ApplicationHistory\EULALauncher.exe.61ab3c67.ini
c:\users\Papa\AppData\Local\ApplicationHistory
c:\users\Papa\AppData\Local\ApplicationHistory\EULA.exe.3bdc8327.ini
c:\users\Papa\AppData\Local\ApplicationHistory\EULALauncher.exe.61ab3c67.ini
c:\windows\system32\comct332.ocx
c:\windows\system32\spool\prtprocs\w32x86\ppbiPr.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-08-28 bis 2011-09-28  ))))))))))))))))))))))))))))))
.
.
2011-09-28 19:52 . 2011-09-28 19:53	--------	d-----w-	c:\users\Papa\AppData\Local\temp
2011-09-28 19:52 . 2011-09-28 19:52	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-09-28 18:16 . 2011-09-28 18:16	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7EC5BA5B-6F0F-4C43-8C0F-EF2D6B81D9BC}\offreg.dll
2011-09-27 20:12 . 2011-09-27 20:12	--------	d-----w-	C:\_OTL
2011-09-27 15:49 . 2011-09-12 23:14	7269712	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7EC5BA5B-6F0F-4C43-8C0F-EF2D6B81D9BC}\mpengine.dll
2011-09-26 17:27 . 2011-09-26 17:27	--------	d-----w-	c:\users\Mama\AppData\Roaming\Malwarebytes
2011-09-25 20:34 . 2011-09-25 20:34	--------	d-----w-	c:\program files\ESET
2011-09-25 18:27 . 2011-09-25 18:27	--------	d-----w-	c:\users\Papa\AppData\Roaming\Malwarebytes
2011-09-25 18:27 . 2011-09-25 18:27	--------	d-----w-	c:\programdata\Malwarebytes
2011-09-25 18:27 . 2011-09-25 18:27	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-09-25 18:27 . 2011-08-31 15:00	22216	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-09-04 18:07 . 2011-09-04 18:07	--------	d-----w-	c:\users\Mama\AppData\Local\DDMSettings
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-10 06:16 . 2011-08-10 06:16	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-10 16:00 . 2011-07-10 16:00	9232	----a-w-	c:\users\Papa\mqdmmdfl.sys
2011-07-10 16:00 . 2011-07-10 16:00	92064	----a-w-	c:\users\Papa\mqdmmdm.sys
2011-07-10 16:00 . 2011-07-10 16:00	79328	----a-w-	c:\users\Papa\mqdmserd.sys
2011-07-10 16:00 . 2011-07-10 16:00	66656	----a-w-	c:\users\Papa\mqdmbus.sys
2011-07-10 16:00 . 2011-07-10 16:00	6208	----a-w-	c:\users\Papa\mqdmcmnt.sys
2011-07-10 16:00 . 2011-07-10 16:00	5936	----a-w-	c:\users\Papa\mqdmwhnt.sys
2011-07-10 16:00 . 2011-07-10 16:00	4048	----a-w-	c:\users\Papa\mqdmcr.sys
2011-07-10 16:00 . 2011-07-10 16:00	25600	----a-w-	c:\windows\system32\drivers\usbsermptxp.sys
2011-07-10 16:00 . 2011-07-10 16:00	25600	----a-w-	c:\users\Papa\usbsermptxp.sys
2011-07-10 16:00 . 2011-07-10 16:00	22768	----a-w-	c:\users\Papa\usbsermpt.sys
2011-09-09 18:54 . 2011-05-07 09:28	134104	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
2010-06-20 12:33 . 2010-06-20 12:33	119808	----a-w-	c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-16 3872080]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-09-18 171464]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-24 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 4468736]
"Skytel"="Skytel.exe" [2007-05-07 1826816]
"SiSTray"="c:\program files\SiS VGA Utilities\SiSTray.exe" [2007-06-14 548864]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-06-20 30192]
"MSPService"="c:\program files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe" [2007-06-12 102400]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-18 266497]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-09 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-09 40960]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 136176]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-20 30192]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 136176]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys [2007-06-14 455032]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2011-09-28 c:\windows\Tasks\1-Klick-Wartung.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-02-18 03:36]
.
2011-09-28 c:\windows\Tasks\Erweiterte Garantie.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-09-10 16:38]
.
2011-09-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 09:05]
.
2011-09-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 09:05]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = 
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\0x5j975u.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=827316&p=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
FF - user.js: browser.sessionstore.resume_from_crash - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-52448283.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-09-28 21:52
Windows 6.0.6000  NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-09-28  22:01:43
ComboFix-quarantined-files.txt  2011-09-28 20:01
.
Vor Suchlauf: 8 Verzeichnis(se), 72.469.745.664 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 72.398.458.880 Bytes frei
.
- - End Of File - - 0D53CC33F20E5A2A78F668119E24FC37

--- --- ---

cosinus · 28.09.2011, 21:56

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

Don92 · 29.09.2011, 20:46

OSAM Logfile:

Code:

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
Online Solutions. Complex Protection for Information Systems
Saved at 21:46:07 on 29.09.2011

OS: Windows Vista Home Premium Edition (Build 6000), 32-bit
Default Browser: Mozilla Corporation Firefox 7.0

Scanner Settings
[ ] Rootkits detection (hidden registry)
[ ] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"1-Klick-Wartung.job" - ? - C:\Windows\Tasks\1-Klick-Wartung.job  (File is exclusively opened, access blocked)
"Erweiterte Garantie.job" - ? - C:\Windows\Tasks\Erweiterte Garantie.job  (File is exclusively opened, access blocked)
"GoogleUpdateTaskMachineCore.job" - ? - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job  (File is exclusively opened, access blocked)
"GoogleUpdateTaskMachineUA.job" - ? - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job  (File is exclusively opened, access blocked)

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"ISUSPM.cpl" - "Macrovision Corporation" - C:\Windows\system32\ISUSPM.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\Users\Papa\AppData\Local\Temp\catchme.sys  (File not found)
"GEARAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\Windows\System32\Drivers\GEARAspiWDM.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"kxldapow" (kxldapow) - ? - C:\Users\Papa\AppData\Local\Temp\kxldapow.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"Motorola USB Modem Driver for MPT XP" (usbsermptxp) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\usbsermptxp.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"ssmdrv" (ssmdrv) - "AVIRA GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software GmbH" - C:\Program Files\TuneUp Utilities 2008\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software GmbH" - C:\Windows\System32\uxtuneup.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"ICQ7.4" - "ICQ, LLC." - C:\Users\Mama\AppData\Roaming\ICQ\Application\ICQ7.4\ICQ.exe
"ICQ7.5" - "ICQ, LLC." - C:\Users\Mama\AppData\Roaming\ICQ\Application\ICQ7.5\ICQ.exe
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
"ICQ6" - "ICQ, LLC." - C:\Program Files\ICQ6.5\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{593DDEC6-7468-4cdd-90E1-42DADAA222E9} "DivX HiQ" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
{02478D38-C3F9-4efb-9B51-7695ECA05670} "{02478D38-C3F9-4efb-9B51-7695ECA05670}" - ? -   (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"ICQ" - "ICQ, LLC." - "C:\Users\Mama\AppData\Roaming\ICQ\Application\ICQ7.5\ICQ.exe" silent loginmode=4
"ISUSPM" - "Macrovision Corporation" - "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"JavaControl" - ? - C:\Users\Mama\AppData\Roaming\Sun\Java\jqs.exe  (File not found)
"msnmsgr" - "Microsoft Corporation" - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
"swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
"DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"IndexSearch" - "ScanSoft, Inc." - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Malwarebytes' Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"MSPService" - ? - C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe  (File found, but it contains no detailed information)
"NeroFilterCheck" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"PaperPort PTD" - "ScanSoft, Inc." - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"RoxWatchTray" - "Sonic Solutions" - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
"SiSTray" - "Silicon Integrated Systems Corporation" - %ProgramFiles%\SiS VGA Utilities\SiSTray.exe
"SSBkgdUpdate" - "Scansoft, Inc." - "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"toolbar_eula_launcher" - " " - C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%SystemRoot%\System32\TuneUpDefragService.exe,-1" (TuneUp.Defrag) - "TuneUp Software GmbH" - C:\Windows\System32\TuneUpDefragService.exe
"@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software GmbH" - C:\Windows\System32\uxtuneup.dll
"AntiVir PersonalEdition Classic Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
"AntiVir PersonalEdition Classic Planer" (AntiVirScheduler) - "Avira GmbH" - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
"Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
"Google Software Updater" (gusvc) - ? - "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"  (File not found)
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"NBService" (NBService) - "Nero AG" - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Roxio Hard Drive Watcher 9" (RoxWatch9) - "Sonic Solutions" - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
"RoxMediaDB9" (RoxMediaDB9) - "Sonic Solutions" - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"stllssvr" (stllssvr) - "MicroVision Development, Inc." - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
"Symantec Lic NetConnect service" (CLTNetCnService) - ? - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon  (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---
If You have questions or want to get some help, You can visit Online Solutions :: Index

Don92 · 29.09.2011, 21:05

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-09-29 21:49:01
-----------------------------
21:49:01.939 OS Version: Windows 6.0.6000
21:49:01.939 Number of processors: 2 586 0xF0D
21:49:01.939 ComputerName: PAPA-PC UserName: Papa
21:49:03.327 Initialize success
21:50:27.712 AVAST engine defs: 11092900
21:51:06.743 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
21:51:06.743 Disk 0 Vendor: ST3250820AS 3.AAD Size: 238475MB BusType: 3
21:51:08.771 Disk 0 MBR read successfully
21:51:08.787 Disk 0 MBR scan
21:51:08.802 Disk 0 Windows VISTA default MBR code
21:51:08.818 Disk 0 scanning sectors +488395120
21:51:08.912 Disk 0 scanning C:\Windows\system32\drivers
21:51:24.153 Service scanning
21:51:25.401 Modules scanning
21:51:35.010 Disk 0 trace - called modules:
21:51:35.042 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:51:35.042 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84c059c8]
21:51:35.057 3 ntkrnlpa.exe[81cb07e2] -> nt!IofCallDriver -> [0x838b34e0]
21:51:35.057 5 acpi.sys[8046932a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x838b35f8]
21:51:38.910 AVAST engine scan C:\Windows
21:51:51.328 AVAST engine scan C:\Windows\system32
21:55:10.150 AVAST engine scan C:\Windows\system32\drivers
21:55:24.393 AVAST engine scan C:\Users\Papa
22:00:17.018 AVAST engine scan C:\ProgramData
22:03:29.740 Scan finished successfully
22:03:44.856 Disk 0 MBR has been saved successfully to "C:\Users\Mama\Desktop\MBR.dat"
22:03:44.872 The log file has been saved successfully to "C:\Users\Mama\Desktop\aswMBR.txt"

cosinus · 29.09.2011, 21:57

Was ist mit GMER?

Don92 · 30.09.2011, 07:00

Ist immer abgestürzt.

cosinus · 30.09.2011, 09:43

Ok. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

28.09.2011, 10:26	#16
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	roter Bildschirm mit der Warnung "Windows System blockiert" Ja, nach Möglichkeit alles mit diesem Benutzer ausführen. __________________ Logfiles bitte immer in CODE-Tags posten

28.09.2011, 19:36	#19
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	roter Bildschirm mit der Warnung "Windows System blockiert" Nein. Log vom kaspersky fehlt. Sollte direkt auf C: zu finden sein. __________________ Logfiles bitte immer in CODE-Tags posten

29.09.2011, 21:57	#27
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	roter Bildschirm mit der Warnung "Windows System blockiert" Was ist mit GMER? __________________ Logfiles bitte immer in CODE-Tags posten

roter Bildschirm mit der Warnung "Windows System blockiert"

Log-Analyse und Auswertung: roter Bildschirm mit der Warnung "Windows System blockiert"